propagate from branch 'au.asn.ucc.matt.ltc.dropbear' (head 2af22fb4e878750b88f80f90d439b316d229796f)

to branch 'au.asn.ucc.matt.dropbear' (head 02c413252c90e9de8e03d91e9939dde3029f5c0a) --HG-- extra : convert_revision : 52ccb0ad0587a62bc64aecb939adbb76546aac16
author: Matt Johnston <matt@ucc.asn.au> 2007-01-11 02:41:05 +0000
committer: Matt Johnston <matt@ucc.asn.au> 2007-01-11 02:41:05 +0000
commit: a938f4cfe140e8561d9dbf108b896492a662a893 (patch)
tree: f2a74322f959ff6a505ba5e87274ebe3d17d5e74 /libtomcrypt/src
parent: 692d737a821c5e401c227d936b8f0d76b955650f (diff)
parent: 28ad393b008b34bc3cdbaa192440b8cc615329f0 (diff)
320 files changed, 17932 insertions, 7901 deletions
diff --git a/libtomcrypt/src/ciphers/aes/aes.c b/libtomcrypt/src/ciphers/aes/aes.c
index 0e4933f..74798e8 100644
--- a/libtomcrypt/src/ciphers/aes/aes.c
+++ b/libtomcrypt/src/ciphers/aes/aes.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /* AES implementation by Tom St Denis
@@ -50,7 +50,7 @@ const struct ltc_cipher_descriptor rijndael_desc =
     6,
     16, 32, 16, 10,
     SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 #endif
 
@@ -60,7 +60,7 @@ const struct ltc_cipher_descriptor aes_desc =
     6,
     16, 32, 16, 10,
     SETUP, ECB_ENC, ECB_DEC, ECB_TEST, ECB_DONE, ECB_KS,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 #else
@@ -76,7 +76,7 @@ const struct ltc_cipher_descriptor rijndael_enc_desc =
     6,
     16, 32, 16, 10,
     SETUP, ECB_ENC, NULL, NULL, ECB_DONE, ECB_KS,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 const struct ltc_cipher_descriptor aes_enc_desc =
@@ -85,7 +85,7 @@ const struct ltc_cipher_descriptor aes_enc_desc =
     6,
     16, 32, 16, 10,
     SETUP, ECB_ENC, NULL, NULL, ECB_DONE, ECB_KS,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 #endif
@@ -283,11 +283,12 @@ int SETUP(const unsigned char *key, int keylen, int num_rounds, symmetric_key *s
   @param pt The input plaintext (16 bytes)
   @param ct The output ciphertext (16 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 
+static int _rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 
 #else
-void ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #endif
 {
     ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
@@ -309,7 +310,6 @@ void ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
     LOAD32H(s2, pt  +  8); s2 ^= rk[2];
     LOAD32H(s3, pt  + 12); s3 ^= rk[3];
 
-
 #ifdef LTC_SMALL_CODE
 
     for (r = 0; ; r++) {
@@ -442,13 +442,16 @@ void ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
         (Te4_0[byte(t2, 0)]) ^ 
         rk[3];
     STORE32H(s3, ct+12);
+
+    return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 
+int ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey) 
 {
-   _rijndael_ecb_encrypt(pt, ct, skey);
+   int err = _rijndael_ecb_encrypt(pt, ct, skey);
    burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2);
+   return err;
 }
 #endif
 
@@ -459,11 +462,12 @@ void ECB_ENC(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
   @param ct The input ciphertext (16 bytes)
   @param pt The output plaintext (16 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 
+static int _rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 
 #else
-void ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #endif
 {
     ulong32 s0, s1, s2, s3, t0, t1, t2, t3, *rk;
@@ -617,14 +621,17 @@ void ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
         (Td4[byte(t0, 0)] & 0x000000ff) ^
         rk[3];
     STORE32H(s3, pt+12);
+
+    return CRYPT_OK;
 }
 
 
 #ifdef LTC_CLEAN_STACK
-void ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 
+int ECB_DEC(const unsigned char *ct, unsigned char *pt, symmetric_key *skey) 
 {
-   _rijndael_ecb_decrypt(ct, pt, skey);
+   int err = _rijndael_ecb_decrypt(ct, pt, skey);
    burn_stack(sizeof(unsigned long)*8 + sizeof(unsigned long*) + sizeof(int)*2);
+   return err;
 }
 #endif
 
@@ -683,10 +690,10 @@ int ECB_TEST(void)
   
     rijndael_ecb_encrypt(tests[i].pt, tmp[0], &key);
     rijndael_ecb_decrypt(tmp[0], tmp[1], &key);
-    if (memcmp(tmp[0], tests[i].ct, 16) || memcmp(tmp[1], tests[i].pt, 16)) { 
+    if (XMEMCMP(tmp[0], tests[i].ct, 16) || XMEMCMP(tmp[1], tests[i].pt, 16)) { 
 #if 0
        printf("\n\nTest %d failed\n", i);
-       if (memcmp(tmp[0], tests[i].ct, 16)) {
+       if (XMEMCMP(tmp[0], tests[i].ct, 16)) {
           printf("CT: ");
           for (i = 0; i < 16; i++) {
              printf("%02x ", tmp[0][i]);
@@ -751,5 +758,5 @@ int ECB_KS(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/aes/aes.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.14 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/aes/aes_tab.c b/libtomcrypt/src/ciphers/aes/aes_tab.c
index 31d276e..0ef9731 100644
--- a/libtomcrypt/src/ciphers/aes/aes_tab.c
+++ b/libtomcrypt/src/ciphers/aes/aes_tab.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 /* The precomputed tables for AES */
 /*
@@ -94,6 +94,7 @@ static const ulong32 TE0[256] = {
     0x7bb0b0cbUL, 0xa85454fcUL, 0x6dbbbbd6UL, 0x2c16163aUL,
 };
 
+#ifndef PELI_TAB
 static const ulong32 Te4[256] = {
     0x63636363UL, 0x7c7c7c7cUL, 0x77777777UL, 0x7b7b7b7bUL,
     0xf2f2f2f2UL, 0x6b6b6b6bUL, 0x6f6f6f6fUL, 0xc5c5c5c5UL,
@@ -160,6 +161,7 @@ static const ulong32 Te4[256] = {
     0x41414141UL, 0x99999999UL, 0x2d2d2d2dUL, 0x0f0f0f0fUL,
     0xb0b0b0b0UL, 0x54545454UL, 0xbbbbbbbbUL, 0x16161616UL,
 };
+#endif
 
 #ifndef ENCRYPT_ONLY
 
@@ -528,6 +530,7 @@ static const ulong32 TE3[256] = {
     0xb0b0cb7bUL, 0x5454fca8UL, 0xbbbbd66dUL, 0x16163a2cUL,
 };
 
+#ifndef PELI_TAB
 static const ulong32 Te4_0[] = {
 0x00000063UL, 0x0000007cUL, 0x00000077UL, 0x0000007bUL, 0x000000f2UL, 0x0000006bUL, 0x0000006fUL, 0x000000c5UL, 
 0x00000030UL, 0x00000001UL, 0x00000067UL, 0x0000002bUL, 0x000000feUL, 0x000000d7UL, 0x000000abUL, 0x00000076UL, 
@@ -667,6 +670,7 @@ static const ulong32 Te4_3[] = {
 0x8c000000UL, 0xa1000000UL, 0x89000000UL, 0x0d000000UL, 0xbf000000UL, 0xe6000000UL, 0x42000000UL, 0x68000000UL, 
 0x41000000UL, 0x99000000UL, 0x2d000000UL, 0x0f000000UL, 0xb0000000UL, 0x54000000UL, 0xbb000000UL, 0x16000000UL
 };
+#endif /* pelimac */
 
 #ifndef ENCRYPT_ONLY
 
@@ -1020,5 +1024,5 @@ static const ulong32 rcon[] = {
 };
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/aes/aes_tab.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/04/02 13:19:09 $ */
diff --git a/libtomcrypt/src/ciphers/anubis.c b/libtomcrypt/src/ciphers/anubis.c
index 511eac2..9a0722c 100644
--- a/libtomcrypt/src/ciphers/anubis.c
+++ b/libtomcrypt/src/ciphers/anubis.c
@@ -1,1554 +1,1558 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-
-/**
-  @file anubis.c
-  Anubis implementation derived from public domain source
-  Authors: Paulo S.L.M. Barreto and Vincent Rijmen.
-*/
-
-#include "tomcrypt.h"
-
-#ifdef ANUBIS
-
-const struct ltc_cipher_descriptor anubis_desc = {
-   "anubis",
-   19,
-   16, 40, 16, 12,
-   &anubis_setup,
-   &anubis_ecb_encrypt,
-   &anubis_ecb_decrypt,
-   &anubis_test,
-   &anubis_done,
-   &anubis_keysize,
-   NULL, NULL, NULL, NULL, NULL, NULL, NULL
-};
-
-#define MIN_N           4 
-#define MAX_N           10 
-#define MIN_ROUNDS      (8 + MIN_N) 
-#define MAX_ROUNDS      (8 + MAX_N) 
-#define MIN_KEYSIZEB    (4*MIN_N) 
-#define MAX_KEYSIZEB    (4*MAX_N) 
-#define BLOCKSIZE       128 
-#define BLOCKSIZEB      (BLOCKSIZE/8) 
-
-
-/*
- * Though Anubis is endianness-neutral, the encryption tables are listed
- * in BIG-ENDIAN format, which is adopted throughout this implementation
- * (but little-endian notation would be equally suitable if consistently
- * employed).
- */
-#if defined(ANUBIS_TWEAK)
-
-static const ulong32 T0[256] = {
-    0xba69d2bbU, 0x54a84de5U, 0x2f5ebce2U, 0x74e8cd25U,
-    0x53a651f7U, 0xd3bb6bd0U, 0xd2b96fd6U, 0x4d9a29b3U,
-    0x50a05dfdU, 0xac458acfU, 0x8d070e09U, 0xbf63c6a5U,
-    0x70e0dd3dU, 0x52a455f1U, 0x9a29527bU, 0x4c982db5U,
-    0xeac98f46U, 0xd5b773c4U, 0x97336655U, 0xd1bf63dcU,
-    0x3366ccaaU, 0x51a259fbU, 0x5bb671c7U, 0xa651a2f3U,
-    0xdea15ffeU, 0x48903dadU, 0xa84d9ad7U, 0x992f5e71U,
-    0xdbab4be0U, 0x3264c8acU, 0xb773e695U, 0xfce5d732U,
-    0xe3dbab70U, 0x9e214263U, 0x913f7e41U, 0x9b2b567dU,
-    0xe2d9af76U, 0xbb6bd6bdU, 0x4182199bU, 0x6edca579U,
-    0xa557aef9U, 0xcb8b0b80U, 0x6bd6b167U, 0x95376e59U,
-    0xa15fbee1U, 0xf3fbeb10U, 0xb17ffe81U, 0x0204080cU,
-    0xcc851792U, 0xc49537a2U, 0x1d3a744eU, 0x14285078U,
-    0xc39b2bb0U, 0x63c69157U, 0xdaa94fe6U, 0x5dba69d3U,
-    0x5fbe61dfU, 0xdca557f2U, 0x7dfae913U, 0xcd871394U,
-    0x7ffee11fU, 0x5ab475c1U, 0x6cd8ad75U, 0x5cb86dd5U,
-    0xf7f3fb08U, 0x264c98d4U, 0xffe3db38U, 0xedc79354U,
-    0xe8cd874aU, 0x9d274e69U, 0x6fdea17fU, 0x8e010203U,
-    0x19326456U, 0xa05dbae7U, 0xf0fde71aU, 0x890f1e11U,
-    0x0f1e3c22U, 0x070e1c12U, 0xaf4386c5U, 0xfbebcb20U,
-    0x08102030U, 0x152a547eU, 0x0d1a342eU, 0x04081018U,
-    0x01020406U, 0x64c88d45U, 0xdfa35bf8U, 0x76ecc529U,
-    0x79f2f90bU, 0xdda753f4U, 0x3d7af48eU, 0x162c5874U,
-    0x3f7efc82U, 0x376edcb2U, 0x6ddaa973U, 0x3870e090U,
-    0xb96fdeb1U, 0x73e6d137U, 0xe9cf834cU, 0x356ad4beU,
-    0x55aa49e3U, 0x71e2d93bU, 0x7bf6f107U, 0x8c050a0fU,
-    0x72e4d531U, 0x880d1a17U, 0xf6f1ff0eU, 0x2a54a8fcU,
-    0x3e7cf884U, 0x5ebc65d9U, 0x274e9cd2U, 0x468c0589U,
-    0x0c183028U, 0x65ca8943U, 0x68d0bd6dU, 0x61c2995bU,
-    0x03060c0aU, 0xc19f23bcU, 0x57ae41efU, 0xd6b17fceU,
-    0xd9af43ecU, 0x58b07dcdU, 0xd8ad47eaU, 0x66cc8549U,
-    0xd7b37bc8U, 0x3a74e89cU, 0xc88d078aU, 0x3c78f088U,
-    0xfae9cf26U, 0x96316253U, 0xa753a6f5U, 0x982d5a77U,
-    0xecc59752U, 0xb86ddab7U, 0xc7933ba8U, 0xae4182c3U,
-    0x69d2b96bU, 0x4b9631a7U, 0xab4b96ddU, 0xa94f9ed1U,
-    0x67ce814fU, 0x0a14283cU, 0x478e018fU, 0xf2f9ef16U,
-    0xb577ee99U, 0x224488ccU, 0xe5d7b364U, 0xeec19f5eU,
-    0xbe61c2a3U, 0x2b56acfaU, 0x811f3e21U, 0x1224486cU,
-    0x831b362dU, 0x1b366c5aU, 0x0e1c3824U, 0x23468ccaU,
-    0xf5f7f304U, 0x458a0983U, 0x214284c6U, 0xce811f9eU,
-    0x499239abU, 0x2c58b0e8U, 0xf9efc32cU, 0xe6d1bf6eU,
-    0xb671e293U, 0x2850a0f0U, 0x172e5c72U, 0x8219322bU,
-    0x1a34685cU, 0x8b0b161dU, 0xfee1df3eU, 0x8a09121bU,
-    0x09122436U, 0xc98f038cU, 0x87132635U, 0x4e9c25b9U,
-    0xe1dfa37cU, 0x2e5cb8e4U, 0xe4d5b762U, 0xe0dda77aU,
-    0xebcb8b40U, 0x903d7a47U, 0xa455aaffU, 0x1e3c7844U,
-    0x85172e39U, 0x60c09d5dU, 0x00000000U, 0x254a94deU,
-    0xf4f5f702U, 0xf1ffe31cU, 0x94356a5fU, 0x0b162c3aU,
-    0xe7d3bb68U, 0x75eac923U, 0xefc39b58U, 0x3468d0b8U,
-    0x3162c4a6U, 0xd4b577c2U, 0xd0bd67daU, 0x86112233U,
-    0x7efce519U, 0xad478ec9U, 0xfde7d334U, 0x2952a4f6U,
-    0x3060c0a0U, 0x3b76ec9aU, 0x9f234665U, 0xf8edc72aU,
-    0xc6913faeU, 0x13264c6aU, 0x060c1814U, 0x050a141eU,
-    0xc59733a4U, 0x11224466U, 0x77eec12fU, 0x7cf8ed15U,
-    0x7af4f501U, 0x78f0fd0dU, 0x366cd8b4U, 0x1c387048U,
-    0x3972e496U, 0x59b279cbU, 0x18306050U, 0x56ac45e9U,
-    0xb37bf68dU, 0xb07dfa87U, 0x244890d8U, 0x204080c0U,
-    0xb279f28bU, 0x9239724bU, 0xa35bb6edU, 0xc09d27baU,
-    0x44880d85U, 0x62c49551U, 0x10204060U, 0xb475ea9fU,
-    0x84152a3fU, 0x43861197U, 0x933b764dU, 0xc2992fb6U,
-    0x4a9435a1U, 0xbd67cea9U, 0x8f030605U, 0x2d5ab4eeU,
-    0xbc65caafU, 0x9c254a6fU, 0x6ad4b561U, 0x40801d9dU,
-    0xcf831b98U, 0xa259b2ebU, 0x801d3a27U, 0x4f9e21bfU,
-    0x1f3e7c42U, 0xca890f86U, 0xaa4992dbU, 0x42841591U,
-};
-
-static const ulong32 T1[256] = {
-    0x69babbd2U, 0xa854e54dU, 0x5e2fe2bcU, 0xe87425cdU,
-    0xa653f751U, 0xbbd3d06bU, 0xb9d2d66fU, 0x9a4db329U,
-    0xa050fd5dU, 0x45accf8aU, 0x078d090eU, 0x63bfa5c6U,
-    0xe0703dddU, 0xa452f155U, 0x299a7b52U, 0x984cb52dU,
-    0xc9ea468fU, 0xb7d5c473U, 0x33975566U, 0xbfd1dc63U,
-    0x6633aaccU, 0xa251fb59U, 0xb65bc771U, 0x51a6f3a2U,
-    0xa1defe5fU, 0x9048ad3dU, 0x4da8d79aU, 0x2f99715eU,
-    0xabdbe04bU, 0x6432acc8U, 0x73b795e6U, 0xe5fc32d7U,
-    0xdbe370abU, 0x219e6342U, 0x3f91417eU, 0x2b9b7d56U,
-    0xd9e276afU, 0x6bbbbdd6U, 0x82419b19U, 0xdc6e79a5U,
-    0x57a5f9aeU, 0x8bcb800bU, 0xd66b67b1U, 0x3795596eU,
-    0x5fa1e1beU, 0xfbf310ebU, 0x7fb181feU, 0x04020c08U,
-    0x85cc9217U, 0x95c4a237U, 0x3a1d4e74U, 0x28147850U,
-    0x9bc3b02bU, 0xc6635791U, 0xa9dae64fU, 0xba5dd369U,
-    0xbe5fdf61U, 0xa5dcf257U, 0xfa7d13e9U, 0x87cd9413U,
-    0xfe7f1fe1U, 0xb45ac175U, 0xd86c75adU, 0xb85cd56dU,
-    0xf3f708fbU, 0x4c26d498U, 0xe3ff38dbU, 0xc7ed5493U,
-    0xcde84a87U, 0x279d694eU, 0xde6f7fa1U, 0x018e0302U,
-    0x32195664U, 0x5da0e7baU, 0xfdf01ae7U, 0x0f89111eU,
-    0x1e0f223cU, 0x0e07121cU, 0x43afc586U, 0xebfb20cbU,
-    0x10083020U, 0x2a157e54U, 0x1a0d2e34U, 0x08041810U,
-    0x02010604U, 0xc864458dU, 0xa3dff85bU, 0xec7629c5U,
-    0xf2790bf9U, 0xa7ddf453U, 0x7a3d8ef4U, 0x2c167458U,
-    0x7e3f82fcU, 0x6e37b2dcU, 0xda6d73a9U, 0x703890e0U,
-    0x6fb9b1deU, 0xe67337d1U, 0xcfe94c83U, 0x6a35bed4U,
-    0xaa55e349U, 0xe2713bd9U, 0xf67b07f1U, 0x058c0f0aU,
-    0xe47231d5U, 0x0d88171aU, 0xf1f60effU, 0x542afca8U,
-    0x7c3e84f8U, 0xbc5ed965U, 0x4e27d29cU, 0x8c468905U,
-    0x180c2830U, 0xca654389U, 0xd0686dbdU, 0xc2615b99U,
-    0x06030a0cU, 0x9fc1bc23U, 0xae57ef41U, 0xb1d6ce7fU,
-    0xafd9ec43U, 0xb058cd7dU, 0xadd8ea47U, 0xcc664985U,
-    0xb3d7c87bU, 0x743a9ce8U, 0x8dc88a07U, 0x783c88f0U,
-    0xe9fa26cfU, 0x31965362U, 0x53a7f5a6U, 0x2d98775aU,
-    0xc5ec5297U, 0x6db8b7daU, 0x93c7a83bU, 0x41aec382U,
-    0xd2696bb9U, 0x964ba731U, 0x4babdd96U, 0x4fa9d19eU,
-    0xce674f81U, 0x140a3c28U, 0x8e478f01U, 0xf9f216efU,
-    0x77b599eeU, 0x4422cc88U, 0xd7e564b3U, 0xc1ee5e9fU,
-    0x61bea3c2U, 0x562bfaacU, 0x1f81213eU, 0x24126c48U,
-    0x1b832d36U, 0x361b5a6cU, 0x1c0e2438U, 0x4623ca8cU,
-    0xf7f504f3U, 0x8a458309U, 0x4221c684U, 0x81ce9e1fU,
-    0x9249ab39U, 0x582ce8b0U, 0xeff92cc3U, 0xd1e66ebfU,
-    0x71b693e2U, 0x5028f0a0U, 0x2e17725cU, 0x19822b32U,
-    0x341a5c68U, 0x0b8b1d16U, 0xe1fe3edfU, 0x098a1b12U,
-    0x12093624U, 0x8fc98c03U, 0x13873526U, 0x9c4eb925U,
-    0xdfe17ca3U, 0x5c2ee4b8U, 0xd5e462b7U, 0xdde07aa7U,
-    0xcbeb408bU, 0x3d90477aU, 0x55a4ffaaU, 0x3c1e4478U,
-    0x1785392eU, 0xc0605d9dU, 0x00000000U, 0x4a25de94U,
-    0xf5f402f7U, 0xfff11ce3U, 0x35945f6aU, 0x160b3a2cU,
-    0xd3e768bbU, 0xea7523c9U, 0xc3ef589bU, 0x6834b8d0U,
-    0x6231a6c4U, 0xb5d4c277U, 0xbdd0da67U, 0x11863322U,
-    0xfc7e19e5U, 0x47adc98eU, 0xe7fd34d3U, 0x5229f6a4U,
-    0x6030a0c0U, 0x763b9aecU, 0x239f6546U, 0xedf82ac7U,
-    0x91c6ae3fU, 0x26136a4cU, 0x0c061418U, 0x0a051e14U,
-    0x97c5a433U, 0x22116644U, 0xee772fc1U, 0xf87c15edU,
-    0xf47a01f5U, 0xf0780dfdU, 0x6c36b4d8U, 0x381c4870U,
-    0x723996e4U, 0xb259cb79U, 0x30185060U, 0xac56e945U,
-    0x7bb38df6U, 0x7db087faU, 0x4824d890U, 0x4020c080U,
-    0x79b28bf2U, 0x39924b72U, 0x5ba3edb6U, 0x9dc0ba27U,
-    0x8844850dU, 0xc4625195U, 0x20106040U, 0x75b49feaU,
-    0x15843f2aU, 0x86439711U, 0x3b934d76U, 0x99c2b62fU,
-    0x944aa135U, 0x67bda9ceU, 0x038f0506U, 0x5a2deeb4U,
-    0x65bcafcaU, 0x259c6f4aU, 0xd46a61b5U, 0x80409d1dU,
-    0x83cf981bU, 0x59a2ebb2U, 0x1d80273aU, 0x9e4fbf21U,
-    0x3e1f427cU, 0x89ca860fU, 0x49aadb92U, 0x84429115U,
-};
-
-static const ulong32 T2[256] = {
-    0xd2bbba69U, 0x4de554a8U, 0xbce22f5eU, 0xcd2574e8U,
-    0x51f753a6U, 0x6bd0d3bbU, 0x6fd6d2b9U, 0x29b34d9aU,
-    0x5dfd50a0U, 0x8acfac45U, 0x0e098d07U, 0xc6a5bf63U,
-    0xdd3d70e0U, 0x55f152a4U, 0x527b9a29U, 0x2db54c98U,
-    0x8f46eac9U, 0x73c4d5b7U, 0x66559733U, 0x63dcd1bfU,
-    0xccaa3366U, 0x59fb51a2U, 0x71c75bb6U, 0xa2f3a651U,
-    0x5ffedea1U, 0x3dad4890U, 0x9ad7a84dU, 0x5e71992fU,
-    0x4be0dbabU, 0xc8ac3264U, 0xe695b773U, 0xd732fce5U,
-    0xab70e3dbU, 0x42639e21U, 0x7e41913fU, 0x567d9b2bU,
-    0xaf76e2d9U, 0xd6bdbb6bU, 0x199b4182U, 0xa5796edcU,
-    0xaef9a557U, 0x0b80cb8bU, 0xb1676bd6U, 0x6e599537U,
-    0xbee1a15fU, 0xeb10f3fbU, 0xfe81b17fU, 0x080c0204U,
-    0x1792cc85U, 0x37a2c495U, 0x744e1d3aU, 0x50781428U,
-    0x2bb0c39bU, 0x915763c6U, 0x4fe6daa9U, 0x69d35dbaU,
-    0x61df5fbeU, 0x57f2dca5U, 0xe9137dfaU, 0x1394cd87U,
-    0xe11f7ffeU, 0x75c15ab4U, 0xad756cd8U, 0x6dd55cb8U,
-    0xfb08f7f3U, 0x98d4264cU, 0xdb38ffe3U, 0x9354edc7U,
-    0x874ae8cdU, 0x4e699d27U, 0xa17f6fdeU, 0x02038e01U,
-    0x64561932U, 0xbae7a05dU, 0xe71af0fdU, 0x1e11890fU,
-    0x3c220f1eU, 0x1c12070eU, 0x86c5af43U, 0xcb20fbebU,
-    0x20300810U, 0x547e152aU, 0x342e0d1aU, 0x10180408U,
-    0x04060102U, 0x8d4564c8U, 0x5bf8dfa3U, 0xc52976ecU,
-    0xf90b79f2U, 0x53f4dda7U, 0xf48e3d7aU, 0x5874162cU,
-    0xfc823f7eU, 0xdcb2376eU, 0xa9736ddaU, 0xe0903870U,
-    0xdeb1b96fU, 0xd13773e6U, 0x834ce9cfU, 0xd4be356aU,
-    0x49e355aaU, 0xd93b71e2U, 0xf1077bf6U, 0x0a0f8c05U,
-    0xd53172e4U, 0x1a17880dU, 0xff0ef6f1U, 0xa8fc2a54U,
-    0xf8843e7cU, 0x65d95ebcU, 0x9cd2274eU, 0x0589468cU,
-    0x30280c18U, 0x894365caU, 0xbd6d68d0U, 0x995b61c2U,
-    0x0c0a0306U, 0x23bcc19fU, 0x41ef57aeU, 0x7fced6b1U,
-    0x43ecd9afU, 0x7dcd58b0U, 0x47ead8adU, 0x854966ccU,
-    0x7bc8d7b3U, 0xe89c3a74U, 0x078ac88dU, 0xf0883c78U,
-    0xcf26fae9U, 0x62539631U, 0xa6f5a753U, 0x5a77982dU,
-    0x9752ecc5U, 0xdab7b86dU, 0x3ba8c793U, 0x82c3ae41U,
-    0xb96b69d2U, 0x31a74b96U, 0x96ddab4bU, 0x9ed1a94fU,
-    0x814f67ceU, 0x283c0a14U, 0x018f478eU, 0xef16f2f9U,
-    0xee99b577U, 0x88cc2244U, 0xb364e5d7U, 0x9f5eeec1U,
-    0xc2a3be61U, 0xacfa2b56U, 0x3e21811fU, 0x486c1224U,
-    0x362d831bU, 0x6c5a1b36U, 0x38240e1cU, 0x8cca2346U,
-    0xf304f5f7U, 0x0983458aU, 0x84c62142U, 0x1f9ece81U,
-    0x39ab4992U, 0xb0e82c58U, 0xc32cf9efU, 0xbf6ee6d1U,
-    0xe293b671U, 0xa0f02850U, 0x5c72172eU, 0x322b8219U,
-    0x685c1a34U, 0x161d8b0bU, 0xdf3efee1U, 0x121b8a09U,
-    0x24360912U, 0x038cc98fU, 0x26358713U, 0x25b94e9cU,
-    0xa37ce1dfU, 0xb8e42e5cU, 0xb762e4d5U, 0xa77ae0ddU,
-    0x8b40ebcbU, 0x7a47903dU, 0xaaffa455U, 0x78441e3cU,
-    0x2e398517U, 0x9d5d60c0U, 0x00000000U, 0x94de254aU,
-    0xf702f4f5U, 0xe31cf1ffU, 0x6a5f9435U, 0x2c3a0b16U,
-    0xbb68e7d3U, 0xc92375eaU, 0x9b58efc3U, 0xd0b83468U,
-    0xc4a63162U, 0x77c2d4b5U, 0x67dad0bdU, 0x22338611U,
-    0xe5197efcU, 0x8ec9ad47U, 0xd334fde7U, 0xa4f62952U,
-    0xc0a03060U, 0xec9a3b76U, 0x46659f23U, 0xc72af8edU,
-    0x3faec691U, 0x4c6a1326U, 0x1814060cU, 0x141e050aU,
-    0x33a4c597U, 0x44661122U, 0xc12f77eeU, 0xed157cf8U,
-    0xf5017af4U, 0xfd0d78f0U, 0xd8b4366cU, 0x70481c38U,
-    0xe4963972U, 0x79cb59b2U, 0x60501830U, 0x45e956acU,
-    0xf68db37bU, 0xfa87b07dU, 0x90d82448U, 0x80c02040U,
-    0xf28bb279U, 0x724b9239U, 0xb6eda35bU, 0x27bac09dU,
-    0x0d854488U, 0x955162c4U, 0x40601020U, 0xea9fb475U,
-    0x2a3f8415U, 0x11974386U, 0x764d933bU, 0x2fb6c299U,
-    0x35a14a94U, 0xcea9bd67U, 0x06058f03U, 0xb4ee2d5aU,
-    0xcaafbc65U, 0x4a6f9c25U, 0xb5616ad4U, 0x1d9d4080U,
-    0x1b98cf83U, 0xb2eba259U, 0x3a27801dU, 0x21bf4f9eU,
-    0x7c421f3eU, 0x0f86ca89U, 0x92dbaa49U, 0x15914284U,
-};
-
-static const ulong32 T3[256] = {
-    0xbbd269baU, 0xe54da854U, 0xe2bc5e2fU, 0x25cde874U,
-    0xf751a653U, 0xd06bbbd3U, 0xd66fb9d2U, 0xb3299a4dU,
-    0xfd5da050U, 0xcf8a45acU, 0x090e078dU, 0xa5c663bfU,
-    0x3ddde070U, 0xf155a452U, 0x7b52299aU, 0xb52d984cU,
-    0x468fc9eaU, 0xc473b7d5U, 0x55663397U, 0xdc63bfd1U,
-    0xaacc6633U, 0xfb59a251U, 0xc771b65bU, 0xf3a251a6U,
-    0xfe5fa1deU, 0xad3d9048U, 0xd79a4da8U, 0x715e2f99U,
-    0xe04babdbU, 0xacc86432U, 0x95e673b7U, 0x32d7e5fcU,
-    0x70abdbe3U, 0x6342219eU, 0x417e3f91U, 0x7d562b9bU,
-    0x76afd9e2U, 0xbdd66bbbU, 0x9b198241U, 0x79a5dc6eU,
-    0xf9ae57a5U, 0x800b8bcbU, 0x67b1d66bU, 0x596e3795U,
-    0xe1be5fa1U, 0x10ebfbf3U, 0x81fe7fb1U, 0x0c080402U,
-    0x921785ccU, 0xa23795c4U, 0x4e743a1dU, 0x78502814U,
-    0xb02b9bc3U, 0x5791c663U, 0xe64fa9daU, 0xd369ba5dU,
-    0xdf61be5fU, 0xf257a5dcU, 0x13e9fa7dU, 0x941387cdU,
-    0x1fe1fe7fU, 0xc175b45aU, 0x75add86cU, 0xd56db85cU,
-    0x08fbf3f7U, 0xd4984c26U, 0x38dbe3ffU, 0x5493c7edU,
-    0x4a87cde8U, 0x694e279dU, 0x7fa1de6fU, 0x0302018eU,
-    0x56643219U, 0xe7ba5da0U, 0x1ae7fdf0U, 0x111e0f89U,
-    0x223c1e0fU, 0x121c0e07U, 0xc58643afU, 0x20cbebfbU,
-    0x30201008U, 0x7e542a15U, 0x2e341a0dU, 0x18100804U,
-    0x06040201U, 0x458dc864U, 0xf85ba3dfU, 0x29c5ec76U,
-    0x0bf9f279U, 0xf453a7ddU, 0x8ef47a3dU, 0x74582c16U,
-    0x82fc7e3fU, 0xb2dc6e37U, 0x73a9da6dU, 0x90e07038U,
-    0xb1de6fb9U, 0x37d1e673U, 0x4c83cfe9U, 0xbed46a35U,
-    0xe349aa55U, 0x3bd9e271U, 0x07f1f67bU, 0x0f0a058cU,
-    0x31d5e472U, 0x171a0d88U, 0x0efff1f6U, 0xfca8542aU,
-    0x84f87c3eU, 0xd965bc5eU, 0xd29c4e27U, 0x89058c46U,
-    0x2830180cU, 0x4389ca65U, 0x6dbdd068U, 0x5b99c261U,
-    0x0a0c0603U, 0xbc239fc1U, 0xef41ae57U, 0xce7fb1d6U,
-    0xec43afd9U, 0xcd7db058U, 0xea47add8U, 0x4985cc66U,
-    0xc87bb3d7U, 0x9ce8743aU, 0x8a078dc8U, 0x88f0783cU,
-    0x26cfe9faU, 0x53623196U, 0xf5a653a7U, 0x775a2d98U,
-    0x5297c5ecU, 0xb7da6db8U, 0xa83b93c7U, 0xc38241aeU,
-    0x6bb9d269U, 0xa731964bU, 0xdd964babU, 0xd19e4fa9U,
-    0x4f81ce67U, 0x3c28140aU, 0x8f018e47U, 0x16eff9f2U,
-    0x99ee77b5U, 0xcc884422U, 0x64b3d7e5U, 0x5e9fc1eeU,
-    0xa3c261beU, 0xfaac562bU, 0x213e1f81U, 0x6c482412U,
-    0x2d361b83U, 0x5a6c361bU, 0x24381c0eU, 0xca8c4623U,
-    0x04f3f7f5U, 0x83098a45U, 0xc6844221U, 0x9e1f81ceU,
-    0xab399249U, 0xe8b0582cU, 0x2cc3eff9U, 0x6ebfd1e6U,
-    0x93e271b6U, 0xf0a05028U, 0x725c2e17U, 0x2b321982U,
-    0x5c68341aU, 0x1d160b8bU, 0x3edfe1feU, 0x1b12098aU,
-    0x36241209U, 0x8c038fc9U, 0x35261387U, 0xb9259c4eU,
-    0x7ca3dfe1U, 0xe4b85c2eU, 0x62b7d5e4U, 0x7aa7dde0U,
-    0x408bcbebU, 0x477a3d90U, 0xffaa55a4U, 0x44783c1eU,
-    0x392e1785U, 0x5d9dc060U, 0x00000000U, 0xde944a25U,
-    0x02f7f5f4U, 0x1ce3fff1U, 0x5f6a3594U, 0x3a2c160bU,
-    0x68bbd3e7U, 0x23c9ea75U, 0x589bc3efU, 0xb8d06834U,
-    0xa6c46231U, 0xc277b5d4U, 0xda67bdd0U, 0x33221186U,
-    0x19e5fc7eU, 0xc98e47adU, 0x34d3e7fdU, 0xf6a45229U,
-    0xa0c06030U, 0x9aec763bU, 0x6546239fU, 0x2ac7edf8U,
-    0xae3f91c6U, 0x6a4c2613U, 0x14180c06U, 0x1e140a05U,
-    0xa43397c5U, 0x66442211U, 0x2fc1ee77U, 0x15edf87cU,
-    0x01f5f47aU, 0x0dfdf078U, 0xb4d86c36U, 0x4870381cU,
-    0x96e47239U, 0xcb79b259U, 0x50603018U, 0xe945ac56U,
-    0x8df67bb3U, 0x87fa7db0U, 0xd8904824U, 0xc0804020U,
-    0x8bf279b2U, 0x4b723992U, 0xedb65ba3U, 0xba279dc0U,
-    0x850d8844U, 0x5195c462U, 0x60402010U, 0x9fea75b4U,
-    0x3f2a1584U, 0x97118643U, 0x4d763b93U, 0xb62f99c2U,
-    0xa135944aU, 0xa9ce67bdU, 0x0506038fU, 0xeeb45a2dU,
-    0xafca65bcU, 0x6f4a259cU, 0x61b5d46aU, 0x9d1d8040U,
-    0x981b83cfU, 0xebb259a2U, 0x273a1d80U, 0xbf219e4fU,
-    0x427c3e1fU, 0x860f89caU, 0xdb9249aaU, 0x91158442U,
-};
-
-static const ulong32 T4[256] = {
-    0xbabababaU, 0x54545454U, 0x2f2f2f2fU, 0x74747474U,
-    0x53535353U, 0xd3d3d3d3U, 0xd2d2d2d2U, 0x4d4d4d4dU,
-    0x50505050U, 0xacacacacU, 0x8d8d8d8dU, 0xbfbfbfbfU,
-    0x70707070U, 0x52525252U, 0x9a9a9a9aU, 0x4c4c4c4cU,
-    0xeaeaeaeaU, 0xd5d5d5d5U, 0x97979797U, 0xd1d1d1d1U,
-    0x33333333U, 0x51515151U, 0x5b5b5b5bU, 0xa6a6a6a6U,
-    0xdedededeU, 0x48484848U, 0xa8a8a8a8U, 0x99999999U,
-    0xdbdbdbdbU, 0x32323232U, 0xb7b7b7b7U, 0xfcfcfcfcU,
-    0xe3e3e3e3U, 0x9e9e9e9eU, 0x91919191U, 0x9b9b9b9bU,
-    0xe2e2e2e2U, 0xbbbbbbbbU, 0x41414141U, 0x6e6e6e6eU,
-    0xa5a5a5a5U, 0xcbcbcbcbU, 0x6b6b6b6bU, 0x95959595U,
-    0xa1a1a1a1U, 0xf3f3f3f3U, 0xb1b1b1b1U, 0x02020202U,
-    0xccccccccU, 0xc4c4c4c4U, 0x1d1d1d1dU, 0x14141414U,
-    0xc3c3c3c3U, 0x63636363U, 0xdadadadaU, 0x5d5d5d5dU,
-    0x5f5f5f5fU, 0xdcdcdcdcU, 0x7d7d7d7dU, 0xcdcdcdcdU,
-    0x7f7f7f7fU, 0x5a5a5a5aU, 0x6c6c6c6cU, 0x5c5c5c5cU,
-    0xf7f7f7f7U, 0x26262626U, 0xffffffffU, 0xededededU,
-    0xe8e8e8e8U, 0x9d9d9d9dU, 0x6f6f6f6fU, 0x8e8e8e8eU,
-    0x19191919U, 0xa0a0a0a0U, 0xf0f0f0f0U, 0x89898989U,
-    0x0f0f0f0fU, 0x07070707U, 0xafafafafU, 0xfbfbfbfbU,
-    0x08080808U, 0x15151515U, 0x0d0d0d0dU, 0x04040404U,
-    0x01010101U, 0x64646464U, 0xdfdfdfdfU, 0x76767676U,
-    0x79797979U, 0xddddddddU, 0x3d3d3d3dU, 0x16161616U,
-    0x3f3f3f3fU, 0x37373737U, 0x6d6d6d6dU, 0x38383838U,
-    0xb9b9b9b9U, 0x73737373U, 0xe9e9e9e9U, 0x35353535U,
-    0x55555555U, 0x71717171U, 0x7b7b7b7bU, 0x8c8c8c8cU,
-    0x72727272U, 0x88888888U, 0xf6f6f6f6U, 0x2a2a2a2aU,
-    0x3e3e3e3eU, 0x5e5e5e5eU, 0x27272727U, 0x46464646U,
-    0x0c0c0c0cU, 0x65656565U, 0x68686868U, 0x61616161U,
-    0x03030303U, 0xc1c1c1c1U, 0x57575757U, 0xd6d6d6d6U,
-    0xd9d9d9d9U, 0x58585858U, 0xd8d8d8d8U, 0x66666666U,
-    0xd7d7d7d7U, 0x3a3a3a3aU, 0xc8c8c8c8U, 0x3c3c3c3cU,
-    0xfafafafaU, 0x96969696U, 0xa7a7a7a7U, 0x98989898U,
-    0xececececU, 0xb8b8b8b8U, 0xc7c7c7c7U, 0xaeaeaeaeU,
-    0x69696969U, 0x4b4b4b4bU, 0xababababU, 0xa9a9a9a9U,
-    0x67676767U, 0x0a0a0a0aU, 0x47474747U, 0xf2f2f2f2U,
-    0xb5b5b5b5U, 0x22222222U, 0xe5e5e5e5U, 0xeeeeeeeeU,
-    0xbebebebeU, 0x2b2b2b2bU, 0x81818181U, 0x12121212U,
-    0x83838383U, 0x1b1b1b1bU, 0x0e0e0e0eU, 0x23232323U,
-    0xf5f5f5f5U, 0x45454545U, 0x21212121U, 0xcecececeU,
-    0x49494949U, 0x2c2c2c2cU, 0xf9f9f9f9U, 0xe6e6e6e6U,
-    0xb6b6b6b6U, 0x28282828U, 0x17171717U, 0x82828282U,
-    0x1a1a1a1aU, 0x8b8b8b8bU, 0xfefefefeU, 0x8a8a8a8aU,
-    0x09090909U, 0xc9c9c9c9U, 0x87878787U, 0x4e4e4e4eU,
-    0xe1e1e1e1U, 0x2e2e2e2eU, 0xe4e4e4e4U, 0xe0e0e0e0U,
-    0xebebebebU, 0x90909090U, 0xa4a4a4a4U, 0x1e1e1e1eU,
-    0x85858585U, 0x60606060U, 0x00000000U, 0x25252525U,
-    0xf4f4f4f4U, 0xf1f1f1f1U, 0x94949494U, 0x0b0b0b0bU,
-    0xe7e7e7e7U, 0x75757575U, 0xefefefefU, 0x34343434U,
-    0x31313131U, 0xd4d4d4d4U, 0xd0d0d0d0U, 0x86868686U,
-    0x7e7e7e7eU, 0xadadadadU, 0xfdfdfdfdU, 0x29292929U,
-    0x30303030U, 0x3b3b3b3bU, 0x9f9f9f9fU, 0xf8f8f8f8U,
-    0xc6c6c6c6U, 0x13131313U, 0x06060606U, 0x05050505U,
-    0xc5c5c5c5U, 0x11111111U, 0x77777777U, 0x7c7c7c7cU,
-    0x7a7a7a7aU, 0x78787878U, 0x36363636U, 0x1c1c1c1cU,
-    0x39393939U, 0x59595959U, 0x18181818U, 0x56565656U,
-    0xb3b3b3b3U, 0xb0b0b0b0U, 0x24242424U, 0x20202020U,
-    0xb2b2b2b2U, 0x92929292U, 0xa3a3a3a3U, 0xc0c0c0c0U,
-    0x44444444U, 0x62626262U, 0x10101010U, 0xb4b4b4b4U,
-    0x84848484U, 0x43434343U, 0x93939393U, 0xc2c2c2c2U,
-    0x4a4a4a4aU, 0xbdbdbdbdU, 0x8f8f8f8fU, 0x2d2d2d2dU,
-    0xbcbcbcbcU, 0x9c9c9c9cU, 0x6a6a6a6aU, 0x40404040U,
-    0xcfcfcfcfU, 0xa2a2a2a2U, 0x80808080U, 0x4f4f4f4fU,
-    0x1f1f1f1fU, 0xcacacacaU, 0xaaaaaaaaU, 0x42424242U,
-};
-
-static const ulong32 T5[256] = {
-    0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U,
-    0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U,
-    0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U,
-    0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U,
-    0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U,
-    0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U,
-    0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U,
-    0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U,
-    0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U,
-    0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U,
-    0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U,
-    0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U,
-    0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U,
-    0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U,
-    0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U,
-    0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U,
-    0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U,
-    0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U,
-    0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U,
-    0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U,
-    0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U,
-    0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U,
-    0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U,
-    0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U,
-    0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU,
-    0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU,
-    0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU,
-    0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU,
-    0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU,
-    0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU,
-    0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU,
-    0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU,
-    0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU,
-    0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU,
-    0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU,
-    0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU,
-    0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU,
-    0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU,
-    0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU,
-    0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU,
-    0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U,
-    0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U,
-    0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U,
-    0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U,
-    0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U,
-    0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U,
-    0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U,
-    0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U,
-    0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U,
-    0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U,
-    0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U,
-    0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U,
-    0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U,
-    0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U,
-    0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U,
-    0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U,
-    0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU,
-    0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU,
-    0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU,
-    0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU,
-    0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU,
-    0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU,
-    0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU,
-    0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU,
-};
-
-/**
- * The round constants.
- */
-static const ulong32 rc[] = {
-    0xba542f74U, 0x53d3d24dU, 0x50ac8dbfU, 0x70529a4cU,
-    0xead597d1U, 0x33515ba6U, 0xde48a899U, 0xdb32b7fcU,
-    0xe39e919bU, 0xe2bb416eU, 0xa5cb6b95U, 0xa1f3b102U,
-    0xccc41d14U, 0xc363da5dU, 0x5fdc7dcdU, 0x7f5a6c5cU,
-    0xf726ffedU, 0xe89d6f8eU, 0x19a0f089U,
-};
-
-
-
-#else
-
-
-static const ulong32 T0[256] = {
-    0xa753a6f5U, 0xd3bb6bd0U, 0xe6d1bf6eU, 0x71e2d93bU,
-    0xd0bd67daU, 0xac458acfU, 0x4d9a29b3U, 0x79f2f90bU,
-    0x3a74e89cU, 0xc98f038cU, 0x913f7e41U, 0xfce5d732U,
-    0x1e3c7844U, 0x478e018fU, 0x54a84de5U, 0xbd67cea9U,
-    0x8c050a0fU, 0xa557aef9U, 0x7af4f501U, 0xfbebcb20U,
-    0x63c69157U, 0xb86ddab7U, 0xdda753f4U, 0xd4b577c2U,
-    0xe5d7b364U, 0xb37bf68dU, 0xc59733a4U, 0xbe61c2a3U,
-    0xa94f9ed1U, 0x880d1a17U, 0x0c183028U, 0xa259b2ebU,
-    0x3972e496U, 0xdfa35bf8U, 0x2952a4f6U, 0xdaa94fe6U,
-    0x2b56acfaU, 0xa84d9ad7U, 0xcb8b0b80U, 0x4c982db5U,
-    0x4b9631a7U, 0x224488ccU, 0xaa4992dbU, 0x244890d8U,
-    0x4182199bU, 0x70e0dd3dU, 0xa651a2f3U, 0xf9efc32cU,
-    0x5ab475c1U, 0xe2d9af76U, 0xb07dfa87U, 0x366cd8b4U,
-    0x7dfae913U, 0xe4d5b762U, 0x3366ccaaU, 0xffe3db38U,
-    0x60c09d5dU, 0x204080c0U, 0x08102030U, 0x8b0b161dU,
-    0x5ebc65d9U, 0xab4b96ddU, 0x7ffee11fU, 0x78f0fd0dU,
-    0x7cf8ed15U, 0x2c58b0e8U, 0x57ae41efU, 0xd2b96fd6U,
-    0xdca557f2U, 0x6ddaa973U, 0x7efce519U, 0x0d1a342eU,
-    0x53a651f7U, 0x94356a5fU, 0xc39b2bb0U, 0x2850a0f0U,
-    0x274e9cd2U, 0x060c1814U, 0x5fbe61dfU, 0xad478ec9U,
-    0x67ce814fU, 0x5cb86dd5U, 0x55aa49e3U, 0x48903dadU,
-    0x0e1c3824U, 0x52a455f1U, 0xeac98f46U, 0x42841591U,
-    0x5bb671c7U, 0x5dba69d3U, 0x3060c0a0U, 0x58b07dcdU,
-    0x51a259fbU, 0x59b279cbU, 0x3c78f088U, 0x4e9c25b9U,
-    0x3870e090U, 0x8a09121bU, 0x72e4d531U, 0x14285078U,
-    0xe7d3bb68U, 0xc6913faeU, 0xdea15ffeU, 0x50a05dfdU,
-    0x8e010203U, 0x9239724bU, 0xd1bf63dcU, 0x77eec12fU,
-    0x933b764dU, 0x458a0983U, 0x9a29527bU, 0xce811f9eU,
-    0x2d5ab4eeU, 0x03060c0aU, 0x62c49551U, 0xb671e293U,
-    0xb96fdeb1U, 0xbf63c6a5U, 0x96316253U, 0x6bd6b167U,
-    0x3f7efc82U, 0x070e1c12U, 0x1224486cU, 0xae4182c3U,
-    0x40801d9dU, 0x3468d0b8U, 0x468c0589U, 0x3e7cf884U,
-    0xdbab4be0U, 0xcf831b98U, 0xecc59752U, 0xcc851792U,
-    0xc19f23bcU, 0xa15fbee1U, 0xc09d27baU, 0xd6b17fceU,
-    0x1d3a744eU, 0xf4f5f702U, 0x61c2995bU, 0x3b76ec9aU,
-    0x10204060U, 0xd8ad47eaU, 0x68d0bd6dU, 0xa05dbae7U,
-    0xb17ffe81U, 0x0a14283cU, 0x69d2b96bU, 0x6cd8ad75U,
-    0x499239abU, 0xfae9cf26U, 0x76ecc529U, 0xc49537a2U,
-    0x9e214263U, 0x9b2b567dU, 0x6edca579U, 0x992f5e71U,
-    0xc2992fb6U, 0xb773e695U, 0x982d5a77U, 0xbc65caafU,
-    0x8f030605U, 0x85172e39U, 0x1f3e7c42U, 0xb475ea9fU,
-    0xf8edc72aU, 0x11224466U, 0x2e5cb8e4U, 0x00000000U,
-    0x254a94deU, 0x1c387048U, 0x2a54a8fcU, 0x3d7af48eU,
-    0x050a141eU, 0x4f9e21bfU, 0x7bf6f107U, 0xb279f28bU,
-    0x3264c8acU, 0x903d7a47U, 0xaf4386c5U, 0x19326456U,
-    0xa35bb6edU, 0xf7f3fb08U, 0x73e6d137U, 0x9d274e69U,
-    0x152a547eU, 0x74e8cd25U, 0xeec19f5eU, 0xca890f86U,
-    0x9f234665U, 0x0f1e3c22U, 0x1b366c5aU, 0x75eac923U,
-    0x86112233U, 0x84152a3fU, 0x9c254a6fU, 0x4a9435a1U,
-    0x97336655U, 0x1a34685cU, 0x65ca8943U, 0xf6f1ff0eU,
-    0xedc79354U, 0x09122436U, 0xbb6bd6bdU, 0x264c98d4U,
-    0x831b362dU, 0xebcb8b40U, 0x6fdea17fU, 0x811f3e21U,
-    0x04081018U, 0x6ad4b561U, 0x43861197U, 0x01020406U,
-    0x172e5c72U, 0xe1dfa37cU, 0x87132635U, 0xf5f7f304U,
-    0x8d070e09U, 0xe3dbab70U, 0x23468ccaU, 0x801d3a27U,
-    0x44880d85U, 0x162c5874U, 0x66cc8549U, 0x214284c6U,
-    0xfee1df3eU, 0xd5b773c4U, 0x3162c4a6U, 0xd9af43ecU,
-    0x356ad4beU, 0x18306050U, 0x0204080cU, 0x64c88d45U,
-    0xf2f9ef16U, 0xf1ffe31cU, 0x56ac45e9U, 0xcd871394U,
-    0x8219322bU, 0xc88d078aU, 0xba69d2bbU, 0xf0fde71aU,
-    0xefc39b58U, 0xe9cf834cU, 0xe8cd874aU, 0xfde7d334U,
-    0x890f1e11U, 0xd7b37bc8U, 0xc7933ba8U, 0xb577ee99U,
-    0xa455aaffU, 0x2f5ebce2U, 0x95376e59U, 0x13264c6aU,
-    0x0b162c3aU, 0xf3fbeb10U, 0xe0dda77aU, 0x376edcb2U,
-};
-
-static const ulong32 T1[256] = {
-    0x53a7f5a6U, 0xbbd3d06bU, 0xd1e66ebfU, 0xe2713bd9U,
-    0xbdd0da67U, 0x45accf8aU, 0x9a4db329U, 0xf2790bf9U,
-    0x743a9ce8U, 0x8fc98c03U, 0x3f91417eU, 0xe5fc32d7U,
-    0x3c1e4478U, 0x8e478f01U, 0xa854e54dU, 0x67bda9ceU,
-    0x058c0f0aU, 0x57a5f9aeU, 0xf47a01f5U, 0xebfb20cbU,
-    0xc6635791U, 0x6db8b7daU, 0xa7ddf453U, 0xb5d4c277U,
-    0xd7e564b3U, 0x7bb38df6U, 0x97c5a433U, 0x61bea3c2U,
-    0x4fa9d19eU, 0x0d88171aU, 0x180c2830U, 0x59a2ebb2U,
-    0x723996e4U, 0xa3dff85bU, 0x5229f6a4U, 0xa9dae64fU,
-    0x562bfaacU, 0x4da8d79aU, 0x8bcb800bU, 0x984cb52dU,
-    0x964ba731U, 0x4422cc88U, 0x49aadb92U, 0x4824d890U,
-    0x82419b19U, 0xe0703dddU, 0x51a6f3a2U, 0xeff92cc3U,
-    0xb45ac175U, 0xd9e276afU, 0x7db087faU, 0x6c36b4d8U,
-    0xfa7d13e9U, 0xd5e462b7U, 0x6633aaccU, 0xe3ff38dbU,
-    0xc0605d9dU, 0x4020c080U, 0x10083020U, 0x0b8b1d16U,
-    0xbc5ed965U, 0x4babdd96U, 0xfe7f1fe1U, 0xf0780dfdU,
-    0xf87c15edU, 0x582ce8b0U, 0xae57ef41U, 0xb9d2d66fU,
-    0xa5dcf257U, 0xda6d73a9U, 0xfc7e19e5U, 0x1a0d2e34U,
-    0xa653f751U, 0x35945f6aU, 0x9bc3b02bU, 0x5028f0a0U,
-    0x4e27d29cU, 0x0c061418U, 0xbe5fdf61U, 0x47adc98eU,
-    0xce674f81U, 0xb85cd56dU, 0xaa55e349U, 0x9048ad3dU,
-    0x1c0e2438U, 0xa452f155U, 0xc9ea468fU, 0x84429115U,
-    0xb65bc771U, 0xba5dd369U, 0x6030a0c0U, 0xb058cd7dU,
-    0xa251fb59U, 0xb259cb79U, 0x783c88f0U, 0x9c4eb925U,
-    0x703890e0U, 0x098a1b12U, 0xe47231d5U, 0x28147850U,
-    0xd3e768bbU, 0x91c6ae3fU, 0xa1defe5fU, 0xa050fd5dU,
-    0x018e0302U, 0x39924b72U, 0xbfd1dc63U, 0xee772fc1U,
-    0x3b934d76U, 0x8a458309U, 0x299a7b52U, 0x81ce9e1fU,
-    0x5a2deeb4U, 0x06030a0cU, 0xc4625195U, 0x71b693e2U,
-    0x6fb9b1deU, 0x63bfa5c6U, 0x31965362U, 0xd66b67b1U,
-    0x7e3f82fcU, 0x0e07121cU, 0x24126c48U, 0x41aec382U,
-    0x80409d1dU, 0x6834b8d0U, 0x8c468905U, 0x7c3e84f8U,
-    0xabdbe04bU, 0x83cf981bU, 0xc5ec5297U, 0x85cc9217U,
-    0x9fc1bc23U, 0x5fa1e1beU, 0x9dc0ba27U, 0xb1d6ce7fU,
-    0x3a1d4e74U, 0xf5f402f7U, 0xc2615b99U, 0x763b9aecU,
-    0x20106040U, 0xadd8ea47U, 0xd0686dbdU, 0x5da0e7baU,
-    0x7fb181feU, 0x140a3c28U, 0xd2696bb9U, 0xd86c75adU,
-    0x9249ab39U, 0xe9fa26cfU, 0xec7629c5U, 0x95c4a237U,
-    0x219e6342U, 0x2b9b7d56U, 0xdc6e79a5U, 0x2f99715eU,
-    0x99c2b62fU, 0x73b795e6U, 0x2d98775aU, 0x65bcafcaU,
-    0x038f0506U, 0x1785392eU, 0x3e1f427cU, 0x75b49feaU,
-    0xedf82ac7U, 0x22116644U, 0x5c2ee4b8U, 0x00000000U,
-    0x4a25de94U, 0x381c4870U, 0x542afca8U, 0x7a3d8ef4U,
-    0x0a051e14U, 0x9e4fbf21U, 0xf67b07f1U, 0x79b28bf2U,
-    0x6432acc8U, 0x3d90477aU, 0x43afc586U, 0x32195664U,
-    0x5ba3edb6U, 0xf3f708fbU, 0xe67337d1U, 0x279d694eU,
-    0x2a157e54U, 0xe87425cdU, 0xc1ee5e9fU, 0x89ca860fU,
-    0x239f6546U, 0x1e0f223cU, 0x361b5a6cU, 0xea7523c9U,
-    0x11863322U, 0x15843f2aU, 0x259c6f4aU, 0x944aa135U,
-    0x33975566U, 0x341a5c68U, 0xca654389U, 0xf1f60effU,
-    0xc7ed5493U, 0x12093624U, 0x6bbbbdd6U, 0x4c26d498U,
-    0x1b832d36U, 0xcbeb408bU, 0xde6f7fa1U, 0x1f81213eU,
-    0x08041810U, 0xd46a61b5U, 0x86439711U, 0x02010604U,
-    0x2e17725cU, 0xdfe17ca3U, 0x13873526U, 0xf7f504f3U,
-    0x078d090eU, 0xdbe370abU, 0x4623ca8cU, 0x1d80273aU,
-    0x8844850dU, 0x2c167458U, 0xcc664985U, 0x4221c684U,
-    0xe1fe3edfU, 0xb7d5c473U, 0x6231a6c4U, 0xafd9ec43U,
-    0x6a35bed4U, 0x30185060U, 0x04020c08U, 0xc864458dU,
-    0xf9f216efU, 0xfff11ce3U, 0xac56e945U, 0x87cd9413U,
-    0x19822b32U, 0x8dc88a07U, 0x69babbd2U, 0xfdf01ae7U,
-    0xc3ef589bU, 0xcfe94c83U, 0xcde84a87U, 0xe7fd34d3U,
-    0x0f89111eU, 0xb3d7c87bU, 0x93c7a83bU, 0x77b599eeU,
-    0x55a4ffaaU, 0x5e2fe2bcU, 0x3795596eU, 0x26136a4cU,
-    0x160b3a2cU, 0xfbf310ebU, 0xdde07aa7U, 0x6e37b2dcU,
-};
-
-static const ulong32 T2[256] = {
-    0xa6f5a753U, 0x6bd0d3bbU, 0xbf6ee6d1U, 0xd93b71e2U,
-    0x67dad0bdU, 0x8acfac45U, 0x29b34d9aU, 0xf90b79f2U,
-    0xe89c3a74U, 0x038cc98fU, 0x7e41913fU, 0xd732fce5U,
-    0x78441e3cU, 0x018f478eU, 0x4de554a8U, 0xcea9bd67U,
-    0x0a0f8c05U, 0xaef9a557U, 0xf5017af4U, 0xcb20fbebU,
-    0x915763c6U, 0xdab7b86dU, 0x53f4dda7U, 0x77c2d4b5U,
-    0xb364e5d7U, 0xf68db37bU, 0x33a4c597U, 0xc2a3be61U,
-    0x9ed1a94fU, 0x1a17880dU, 0x30280c18U, 0xb2eba259U,
-    0xe4963972U, 0x5bf8dfa3U, 0xa4f62952U, 0x4fe6daa9U,
-    0xacfa2b56U, 0x9ad7a84dU, 0x0b80cb8bU, 0x2db54c98U,
-    0x31a74b96U, 0x88cc2244U, 0x92dbaa49U, 0x90d82448U,
-    0x199b4182U, 0xdd3d70e0U, 0xa2f3a651U, 0xc32cf9efU,
-    0x75c15ab4U, 0xaf76e2d9U, 0xfa87b07dU, 0xd8b4366cU,
-    0xe9137dfaU, 0xb762e4d5U, 0xccaa3366U, 0xdb38ffe3U,
-    0x9d5d60c0U, 0x80c02040U, 0x20300810U, 0x161d8b0bU,
-    0x65d95ebcU, 0x96ddab4bU, 0xe11f7ffeU, 0xfd0d78f0U,
-    0xed157cf8U, 0xb0e82c58U, 0x41ef57aeU, 0x6fd6d2b9U,
-    0x57f2dca5U, 0xa9736ddaU, 0xe5197efcU, 0x342e0d1aU,
-    0x51f753a6U, 0x6a5f9435U, 0x2bb0c39bU, 0xa0f02850U,
-    0x9cd2274eU, 0x1814060cU, 0x61df5fbeU, 0x8ec9ad47U,
-    0x814f67ceU, 0x6dd55cb8U, 0x49e355aaU, 0x3dad4890U,
-    0x38240e1cU, 0x55f152a4U, 0x8f46eac9U, 0x15914284U,
-    0x71c75bb6U, 0x69d35dbaU, 0xc0a03060U, 0x7dcd58b0U,
-    0x59fb51a2U, 0x79cb59b2U, 0xf0883c78U, 0x25b94e9cU,
-    0xe0903870U, 0x121b8a09U, 0xd53172e4U, 0x50781428U,
-    0xbb68e7d3U, 0x3faec691U, 0x5ffedea1U, 0x5dfd50a0U,
-    0x02038e01U, 0x724b9239U, 0x63dcd1bfU, 0xc12f77eeU,
-    0x764d933bU, 0x0983458aU, 0x527b9a29U, 0x1f9ece81U,
-    0xb4ee2d5aU, 0x0c0a0306U, 0x955162c4U, 0xe293b671U,
-    0xdeb1b96fU, 0xc6a5bf63U, 0x62539631U, 0xb1676bd6U,
-    0xfc823f7eU, 0x1c12070eU, 0x486c1224U, 0x82c3ae41U,
-    0x1d9d4080U, 0xd0b83468U, 0x0589468cU, 0xf8843e7cU,
-    0x4be0dbabU, 0x1b98cf83U, 0x9752ecc5U, 0x1792cc85U,
-    0x23bcc19fU, 0xbee1a15fU, 0x27bac09dU, 0x7fced6b1U,
-    0x744e1d3aU, 0xf702f4f5U, 0x995b61c2U, 0xec9a3b76U,
-    0x40601020U, 0x47ead8adU, 0xbd6d68d0U, 0xbae7a05dU,
-    0xfe81b17fU, 0x283c0a14U, 0xb96b69d2U, 0xad756cd8U,
-    0x39ab4992U, 0xcf26fae9U, 0xc52976ecU, 0x37a2c495U,
-    0x42639e21U, 0x567d9b2bU, 0xa5796edcU, 0x5e71992fU,
-    0x2fb6c299U, 0xe695b773U, 0x5a77982dU, 0xcaafbc65U,
-    0x06058f03U, 0x2e398517U, 0x7c421f3eU, 0xea9fb475U,
-    0xc72af8edU, 0x44661122U, 0xb8e42e5cU, 0x00000000U,
-    0x94de254aU, 0x70481c38U, 0xa8fc2a54U, 0xf48e3d7aU,
-    0x141e050aU, 0x21bf4f9eU, 0xf1077bf6U, 0xf28bb279U,
-    0xc8ac3264U, 0x7a47903dU, 0x86c5af43U, 0x64561932U,
-    0xb6eda35bU, 0xfb08f7f3U, 0xd13773e6U, 0x4e699d27U,
-    0x547e152aU, 0xcd2574e8U, 0x9f5eeec1U, 0x0f86ca89U,
-    0x46659f23U, 0x3c220f1eU, 0x6c5a1b36U, 0xc92375eaU,
-    0x22338611U, 0x2a3f8415U, 0x4a6f9c25U, 0x35a14a94U,
-    0x66559733U, 0x685c1a34U, 0x894365caU, 0xff0ef6f1U,
-    0x9354edc7U, 0x24360912U, 0xd6bdbb6bU, 0x98d4264cU,
-    0x362d831bU, 0x8b40ebcbU, 0xa17f6fdeU, 0x3e21811fU,
-    0x10180408U, 0xb5616ad4U, 0x11974386U, 0x04060102U,
-    0x5c72172eU, 0xa37ce1dfU, 0x26358713U, 0xf304f5f7U,
-    0x0e098d07U, 0xab70e3dbU, 0x8cca2346U, 0x3a27801dU,
-    0x0d854488U, 0x5874162cU, 0x854966ccU, 0x84c62142U,
-    0xdf3efee1U, 0x73c4d5b7U, 0xc4a63162U, 0x43ecd9afU,
-    0xd4be356aU, 0x60501830U, 0x080c0204U, 0x8d4564c8U,
-    0xef16f2f9U, 0xe31cf1ffU, 0x45e956acU, 0x1394cd87U,
-    0x322b8219U, 0x078ac88dU, 0xd2bbba69U, 0xe71af0fdU,
-    0x9b58efc3U, 0x834ce9cfU, 0x874ae8cdU, 0xd334fde7U,
-    0x1e11890fU, 0x7bc8d7b3U, 0x3ba8c793U, 0xee99b577U,
-    0xaaffa455U, 0xbce22f5eU, 0x6e599537U, 0x4c6a1326U,
-    0x2c3a0b16U, 0xeb10f3fbU, 0xa77ae0ddU, 0xdcb2376eU,
-};
-
-static const ulong32 T3[256] = {
-    0xf5a653a7U, 0xd06bbbd3U, 0x6ebfd1e6U, 0x3bd9e271U,
-    0xda67bdd0U, 0xcf8a45acU, 0xb3299a4dU, 0x0bf9f279U,
-    0x9ce8743aU, 0x8c038fc9U, 0x417e3f91U, 0x32d7e5fcU,
-    0x44783c1eU, 0x8f018e47U, 0xe54da854U, 0xa9ce67bdU,
-    0x0f0a058cU, 0xf9ae57a5U, 0x01f5f47aU, 0x20cbebfbU,
-    0x5791c663U, 0xb7da6db8U, 0xf453a7ddU, 0xc277b5d4U,
-    0x64b3d7e5U, 0x8df67bb3U, 0xa43397c5U, 0xa3c261beU,
-    0xd19e4fa9U, 0x171a0d88U, 0x2830180cU, 0xebb259a2U,
-    0x96e47239U, 0xf85ba3dfU, 0xf6a45229U, 0xe64fa9daU,
-    0xfaac562bU, 0xd79a4da8U, 0x800b8bcbU, 0xb52d984cU,
-    0xa731964bU, 0xcc884422U, 0xdb9249aaU, 0xd8904824U,
-    0x9b198241U, 0x3ddde070U, 0xf3a251a6U, 0x2cc3eff9U,
-    0xc175b45aU, 0x76afd9e2U, 0x87fa7db0U, 0xb4d86c36U,
-    0x13e9fa7dU, 0x62b7d5e4U, 0xaacc6633U, 0x38dbe3ffU,
-    0x5d9dc060U, 0xc0804020U, 0x30201008U, 0x1d160b8bU,
-    0xd965bc5eU, 0xdd964babU, 0x1fe1fe7fU, 0x0dfdf078U,
-    0x15edf87cU, 0xe8b0582cU, 0xef41ae57U, 0xd66fb9d2U,
-    0xf257a5dcU, 0x73a9da6dU, 0x19e5fc7eU, 0x2e341a0dU,
-    0xf751a653U, 0x5f6a3594U, 0xb02b9bc3U, 0xf0a05028U,
-    0xd29c4e27U, 0x14180c06U, 0xdf61be5fU, 0xc98e47adU,
-    0x4f81ce67U, 0xd56db85cU, 0xe349aa55U, 0xad3d9048U,
-    0x24381c0eU, 0xf155a452U, 0x468fc9eaU, 0x91158442U,
-    0xc771b65bU, 0xd369ba5dU, 0xa0c06030U, 0xcd7db058U,
-    0xfb59a251U, 0xcb79b259U, 0x88f0783cU, 0xb9259c4eU,
-    0x90e07038U, 0x1b12098aU, 0x31d5e472U, 0x78502814U,
-    0x68bbd3e7U, 0xae3f91c6U, 0xfe5fa1deU, 0xfd5da050U,
-    0x0302018eU, 0x4b723992U, 0xdc63bfd1U, 0x2fc1ee77U,
-    0x4d763b93U, 0x83098a45U, 0x7b52299aU, 0x9e1f81ceU,
-    0xeeb45a2dU, 0x0a0c0603U, 0x5195c462U, 0x93e271b6U,
-    0xb1de6fb9U, 0xa5c663bfU, 0x53623196U, 0x67b1d66bU,
-    0x82fc7e3fU, 0x121c0e07U, 0x6c482412U, 0xc38241aeU,
-    0x9d1d8040U, 0xb8d06834U, 0x89058c46U, 0x84f87c3eU,
-    0xe04babdbU, 0x981b83cfU, 0x5297c5ecU, 0x921785ccU,
-    0xbc239fc1U, 0xe1be5fa1U, 0xba279dc0U, 0xce7fb1d6U,
-    0x4e743a1dU, 0x02f7f5f4U, 0x5b99c261U, 0x9aec763bU,
-    0x60402010U, 0xea47add8U, 0x6dbdd068U, 0xe7ba5da0U,
-    0x81fe7fb1U, 0x3c28140aU, 0x6bb9d269U, 0x75add86cU,
-    0xab399249U, 0x26cfe9faU, 0x29c5ec76U, 0xa23795c4U,
-    0x6342219eU, 0x7d562b9bU, 0x79a5dc6eU, 0x715e2f99U,
-    0xb62f99c2U, 0x95e673b7U, 0x775a2d98U, 0xafca65bcU,
-    0x0506038fU, 0x392e1785U, 0x427c3e1fU, 0x9fea75b4U,
-    0x2ac7edf8U, 0x66442211U, 0xe4b85c2eU, 0x00000000U,
-    0xde944a25U, 0x4870381cU, 0xfca8542aU, 0x8ef47a3dU,
-    0x1e140a05U, 0xbf219e4fU, 0x07f1f67bU, 0x8bf279b2U,
-    0xacc86432U, 0x477a3d90U, 0xc58643afU, 0x56643219U,
-    0xedb65ba3U, 0x08fbf3f7U, 0x37d1e673U, 0x694e279dU,
-    0x7e542a15U, 0x25cde874U, 0x5e9fc1eeU, 0x860f89caU,
-    0x6546239fU, 0x223c1e0fU, 0x5a6c361bU, 0x23c9ea75U,
-    0x33221186U, 0x3f2a1584U, 0x6f4a259cU, 0xa135944aU,
-    0x55663397U, 0x5c68341aU, 0x4389ca65U, 0x0efff1f6U,
-    0x5493c7edU, 0x36241209U, 0xbdd66bbbU, 0xd4984c26U,
-    0x2d361b83U, 0x408bcbebU, 0x7fa1de6fU, 0x213e1f81U,
-    0x18100804U, 0x61b5d46aU, 0x97118643U, 0x06040201U,
-    0x725c2e17U, 0x7ca3dfe1U, 0x35261387U, 0x04f3f7f5U,
-    0x090e078dU, 0x70abdbe3U, 0xca8c4623U, 0x273a1d80U,
-    0x850d8844U, 0x74582c16U, 0x4985cc66U, 0xc6844221U,
-    0x3edfe1feU, 0xc473b7d5U, 0xa6c46231U, 0xec43afd9U,
-    0xbed46a35U, 0x50603018U, 0x0c080402U, 0x458dc864U,
-    0x16eff9f2U, 0x1ce3fff1U, 0xe945ac56U, 0x941387cdU,
-    0x2b321982U, 0x8a078dc8U, 0xbbd269baU, 0x1ae7fdf0U,
-    0x589bc3efU, 0x4c83cfe9U, 0x4a87cde8U, 0x34d3e7fdU,
-    0x111e0f89U, 0xc87bb3d7U, 0xa83b93c7U, 0x99ee77b5U,
-    0xffaa55a4U, 0xe2bc5e2fU, 0x596e3795U, 0x6a4c2613U,
-    0x3a2c160bU, 0x10ebfbf3U, 0x7aa7dde0U, 0xb2dc6e37U,
-};
-
-static const ulong32 T4[256] = {
-    0xa7a7a7a7U, 0xd3d3d3d3U, 0xe6e6e6e6U, 0x71717171U,
-    0xd0d0d0d0U, 0xacacacacU, 0x4d4d4d4dU, 0x79797979U,
-    0x3a3a3a3aU, 0xc9c9c9c9U, 0x91919191U, 0xfcfcfcfcU,
-    0x1e1e1e1eU, 0x47474747U, 0x54545454U, 0xbdbdbdbdU,
-    0x8c8c8c8cU, 0xa5a5a5a5U, 0x7a7a7a7aU, 0xfbfbfbfbU,
-    0x63636363U, 0xb8b8b8b8U, 0xddddddddU, 0xd4d4d4d4U,
-    0xe5e5e5e5U, 0xb3b3b3b3U, 0xc5c5c5c5U, 0xbebebebeU,
-    0xa9a9a9a9U, 0x88888888U, 0x0c0c0c0cU, 0xa2a2a2a2U,
-    0x39393939U, 0xdfdfdfdfU, 0x29292929U, 0xdadadadaU,
-    0x2b2b2b2bU, 0xa8a8a8a8U, 0xcbcbcbcbU, 0x4c4c4c4cU,
-    0x4b4b4b4bU, 0x22222222U, 0xaaaaaaaaU, 0x24242424U,
-    0x41414141U, 0x70707070U, 0xa6a6a6a6U, 0xf9f9f9f9U,
-    0x5a5a5a5aU, 0xe2e2e2e2U, 0xb0b0b0b0U, 0x36363636U,
-    0x7d7d7d7dU, 0xe4e4e4e4U, 0x33333333U, 0xffffffffU,
-    0x60606060U, 0x20202020U, 0x08080808U, 0x8b8b8b8bU,
-    0x5e5e5e5eU, 0xababababU, 0x7f7f7f7fU, 0x78787878U,
-    0x7c7c7c7cU, 0x2c2c2c2cU, 0x57575757U, 0xd2d2d2d2U,
-    0xdcdcdcdcU, 0x6d6d6d6dU, 0x7e7e7e7eU, 0x0d0d0d0dU,
-    0x53535353U, 0x94949494U, 0xc3c3c3c3U, 0x28282828U,
-    0x27272727U, 0x06060606U, 0x5f5f5f5fU, 0xadadadadU,
-    0x67676767U, 0x5c5c5c5cU, 0x55555555U, 0x48484848U,
-    0x0e0e0e0eU, 0x52525252U, 0xeaeaeaeaU, 0x42424242U,
-    0x5b5b5b5bU, 0x5d5d5d5dU, 0x30303030U, 0x58585858U,
-    0x51515151U, 0x59595959U, 0x3c3c3c3cU, 0x4e4e4e4eU,
-    0x38383838U, 0x8a8a8a8aU, 0x72727272U, 0x14141414U,
-    0xe7e7e7e7U, 0xc6c6c6c6U, 0xdedededeU, 0x50505050U,
-    0x8e8e8e8eU, 0x92929292U, 0xd1d1d1d1U, 0x77777777U,
-    0x93939393U, 0x45454545U, 0x9a9a9a9aU, 0xcecececeU,
-    0x2d2d2d2dU, 0x03030303U, 0x62626262U, 0xb6b6b6b6U,
-    0xb9b9b9b9U, 0xbfbfbfbfU, 0x96969696U, 0x6b6b6b6bU,
-    0x3f3f3f3fU, 0x07070707U, 0x12121212U, 0xaeaeaeaeU,
-    0x40404040U, 0x34343434U, 0x46464646U, 0x3e3e3e3eU,
-    0xdbdbdbdbU, 0xcfcfcfcfU, 0xececececU, 0xccccccccU,
-    0xc1c1c1c1U, 0xa1a1a1a1U, 0xc0c0c0c0U, 0xd6d6d6d6U,
-    0x1d1d1d1dU, 0xf4f4f4f4U, 0x61616161U, 0x3b3b3b3bU,
-    0x10101010U, 0xd8d8d8d8U, 0x68686868U, 0xa0a0a0a0U,
-    0xb1b1b1b1U, 0x0a0a0a0aU, 0x69696969U, 0x6c6c6c6cU,
-    0x49494949U, 0xfafafafaU, 0x76767676U, 0xc4c4c4c4U,
-    0x9e9e9e9eU, 0x9b9b9b9bU, 0x6e6e6e6eU, 0x99999999U,
-    0xc2c2c2c2U, 0xb7b7b7b7U, 0x98989898U, 0xbcbcbcbcU,
-    0x8f8f8f8fU, 0x85858585U, 0x1f1f1f1fU, 0xb4b4b4b4U,
-    0xf8f8f8f8U, 0x11111111U, 0x2e2e2e2eU, 0x00000000U,
-    0x25252525U, 0x1c1c1c1cU, 0x2a2a2a2aU, 0x3d3d3d3dU,
-    0x05050505U, 0x4f4f4f4fU, 0x7b7b7b7bU, 0xb2b2b2b2U,
-    0x32323232U, 0x90909090U, 0xafafafafU, 0x19191919U,
-    0xa3a3a3a3U, 0xf7f7f7f7U, 0x73737373U, 0x9d9d9d9dU,
-    0x15151515U, 0x74747474U, 0xeeeeeeeeU, 0xcacacacaU,
-    0x9f9f9f9fU, 0x0f0f0f0fU, 0x1b1b1b1bU, 0x75757575U,
-    0x86868686U, 0x84848484U, 0x9c9c9c9cU, 0x4a4a4a4aU,
-    0x97979797U, 0x1a1a1a1aU, 0x65656565U, 0xf6f6f6f6U,
-    0xededededU, 0x09090909U, 0xbbbbbbbbU, 0x26262626U,
-    0x83838383U, 0xebebebebU, 0x6f6f6f6fU, 0x81818181U,
-    0x04040404U, 0x6a6a6a6aU, 0x43434343U, 0x01010101U,
-    0x17171717U, 0xe1e1e1e1U, 0x87878787U, 0xf5f5f5f5U,
-    0x8d8d8d8dU, 0xe3e3e3e3U, 0x23232323U, 0x80808080U,
-    0x44444444U, 0x16161616U, 0x66666666U, 0x21212121U,
-    0xfefefefeU, 0xd5d5d5d5U, 0x31313131U, 0xd9d9d9d9U,
-    0x35353535U, 0x18181818U, 0x02020202U, 0x64646464U,
-    0xf2f2f2f2U, 0xf1f1f1f1U, 0x56565656U, 0xcdcdcdcdU,
-    0x82828282U, 0xc8c8c8c8U, 0xbabababaU, 0xf0f0f0f0U,
-    0xefefefefU, 0xe9e9e9e9U, 0xe8e8e8e8U, 0xfdfdfdfdU,
-    0x89898989U, 0xd7d7d7d7U, 0xc7c7c7c7U, 0xb5b5b5b5U,
-    0xa4a4a4a4U, 0x2f2f2f2fU, 0x95959595U, 0x13131313U,
-    0x0b0b0b0bU, 0xf3f3f3f3U, 0xe0e0e0e0U, 0x37373737U,
-};
-
-static const ulong32 T5[256] = {
-    0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U,
-    0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U,
-    0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U,
-    0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U,
-    0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U,
-    0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U,
-    0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U,
-    0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U,
-    0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U,
-    0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U,
-    0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U,
-    0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U,
-    0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U,
-    0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U,
-    0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U,
-    0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U,
-    0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U,
-    0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U,
-    0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U,
-    0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U,
-    0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U,
-    0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U,
-    0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U,
-    0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U,
-    0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU,
-    0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU,
-    0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU,
-    0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU,
-    0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU,
-    0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU,
-    0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU,
-    0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU,
-    0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU,
-    0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU,
-    0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU,
-    0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU,
-    0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU,
-    0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU,
-    0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU,
-    0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU,
-    0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U,
-    0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U,
-    0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U,
-    0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U,
-    0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U,
-    0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U,
-    0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U,
-    0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U,
-    0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U,
-    0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U,
-    0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U,
-    0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U,
-    0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U,
-    0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U,
-    0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U,
-    0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U,
-    0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU,
-    0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU,
-    0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU,
-    0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU,
-    0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU,
-    0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU,
-    0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU,
-    0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU,
-};
-
-/**
- * The round constants.
- */
-static const ulong32 rc[] = {
-   0xa7d3e671U, 0xd0ac4d79U, 0x3ac991fcU, 0x1e4754bdU,
-   0x8ca57afbU, 0x63b8ddd4U, 0xe5b3c5beU, 0xa9880ca2U,
-   0x39df29daU, 0x2ba8cb4cU, 0x4b22aa24U, 0x4170a6f9U,
-   0x5ae2b036U, 0x7de433ffU, 0x6020088bU, 0x5eab7f78U,
-   0x7c2c57d2U, 0xdc6d7e0dU, 0x5394c328U,
-};
-
-#endif
-
- /**
-    Initialize the Anubis block cipher
-    @param key The symmetric key you wish to pass
-    @param keylen The key length in bytes
-    @param num_rounds The number of rounds desired (0 for default)
-    @param skey The key in as scheduled by this function.
-    @return CRYPT_OK if successful
- */
-#ifdef CLEAN_STACK
-static int _anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
-#else
-int  anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
-#endif
-{
-   int N, R, i, pos, r;
-   ulong32 kappa[MAX_N];
-   ulong32 inter[MAX_N];
-   ulong32 v, K0, K1, K2, K3;
-
-   LTC_ARGCHK(key  != NULL);
-   LTC_ARGCHK(skey != NULL);
-
-   /* Valid sizes (in bytes) are 16, 20, 24, 28, 32, 36, and 40. */
-   if ((keylen & 3) || (keylen < 16) || (keylen > 40)) {
-      return CRYPT_INVALID_KEYSIZE;
-   }
-   skey->anubis.keyBits = keylen*8;
-
-   /*
-    * determine the N length parameter:
-    * (N.B. it is assumed that the key length is valid!)
-    */
-   N = skey->anubis.keyBits >> 5;
-
-   /*
-    * determine number of rounds from key size:
-    */
-   skey->anubis.R = R = 8 + N;
-
-   if (num_rounds != 0 && num_rounds != skey->anubis.R) {
-      return CRYPT_INVALID_ROUNDS;
-   }
-
-    /*
-    * map cipher key to initial key state (mu):
-    */
-    for (i = 0, pos = 0; i < N; i++, pos += 4) {
-      kappa[i] =
-         (key[pos    ] << 24) ^
-         (key[pos + 1] << 16) ^
-         (key[pos + 2] <<  8) ^
-         (key[pos + 3]      );
-    }
-
-   /*
-    * generate R + 1 round keys:
-    */
-   for (r = 0; r <= R; r++) {
-      /*
-       * generate r-th round key K^r:
-       */
-      K0 = T4[(kappa[N - 1] >> 24)       ];
-      K1 = T4[(kappa[N - 1] >> 16) & 0xff];
-      K2 = T4[(kappa[N - 1] >>  8) & 0xff];
-      K3 = T4[(kappa[N - 1]      ) & 0xff];
-      for (i = N - 2; i >= 0; i--) {
-         K0 = T4[(kappa[i] >> 24)       ] ^
-            (T5[(K0 >> 24)       ] & 0xff000000U) ^
-            (T5[(K0 >> 16) & 0xff] & 0x00ff0000U) ^
-            (T5[(K0 >>  8) & 0xff] & 0x0000ff00U) ^
-            (T5[(K0      ) & 0xff] & 0x000000ffU);
-         K1 = T4[(kappa[i] >> 16) & 0xff] ^
-            (T5[(K1 >> 24)       ] & 0xff000000U) ^
-            (T5[(K1 >> 16) & 0xff] & 0x00ff0000U) ^
-            (T5[(K1 >>  8) & 0xff] & 0x0000ff00U) ^
-            (T5[(K1      ) & 0xff] & 0x000000ffU);
-         K2 = T4[(kappa[i] >>  8) & 0xff] ^
-            (T5[(K2 >> 24)       ] & 0xff000000U) ^
-            (T5[(K2 >> 16) & 0xff] & 0x00ff0000U) ^
-            (T5[(K2 >>  8) & 0xff] & 0x0000ff00U) ^
-            (T5[(K2      ) & 0xff] & 0x000000ffU);
-         K3 = T4[(kappa[i]      ) & 0xff] ^
-            (T5[(K3 >> 24)       ] & 0xff000000U) ^
-            (T5[(K3 >> 16) & 0xff] & 0x00ff0000U) ^
-            (T5[(K3 >>  8) & 0xff] & 0x0000ff00U) ^
-            (T5[(K3      ) & 0xff] & 0x000000ffU);
-      }
-      /*
-      -- this is the code to use with the large U tables:
-      K0 = K1 = K2 = K3 = 0;
-      for (i = 0; i < N; i++) {
-         K0 ^= U[i][(kappa[i] >> 24)       ];
-         K1 ^= U[i][(kappa[i] >> 16) & 0xff];
-         K2 ^= U[i][(kappa[i] >>  8) & 0xff];
-         K3 ^= U[i][(kappa[i]      ) & 0xff];
-      }
-      */
-      skey->anubis.roundKeyEnc[r][0] = K0;
-      skey->anubis.roundKeyEnc[r][1] = K1;
-      skey->anubis.roundKeyEnc[r][2] = K2;
-      skey->anubis.roundKeyEnc[r][3] = K3;
-
-      /*
-       * compute kappa^{r+1} from kappa^r:
-       */
-      if (r == R) {
-         break;
-      }
-      for (i = 0; i < N; i++) {
-         int j = i;
-         inter[i]  = T0[(kappa[j--] >> 24)       ]; if (j < 0) j = N - 1;
-         inter[i] ^= T1[(kappa[j--] >> 16) & 0xff]; if (j < 0) j = N - 1;
-         inter[i] ^= T2[(kappa[j--] >>  8) & 0xff]; if (j < 0) j = N - 1;
-         inter[i] ^= T3[(kappa[j  ]      ) & 0xff];
-      }
-      kappa[0] = inter[0] ^ rc[r];
-      for (i = 1; i < N; i++) {
-         kappa[i] = inter[i];
-      }
-   }
-
-   /*
-    * generate inverse key schedule: K'^0 = K^R, K'^R = K^0, K'^r = theta(K^{R-r}):
-    */
-   for (i = 0; i < 4; i++) {
-      skey->anubis.roundKeyDec[0][i] = skey->anubis.roundKeyEnc[R][i];
-      skey->anubis.roundKeyDec[R][i] = skey->anubis.roundKeyEnc[0][i];
-   }
-   for (r = 1; r < R; r++) {
-      for (i = 0; i < 4; i++) {
-         v = skey->anubis.roundKeyEnc[R - r][i];
-         skey->anubis.roundKeyDec[r][i] =
-            T0[T4[(v >> 24)       ] & 0xff] ^
-            T1[T4[(v >> 16) & 0xff] & 0xff] ^
-            T2[T4[(v >>  8) & 0xff] & 0xff] ^
-            T3[T4[(v      ) & 0xff] & 0xff];
-      }
-   }
-
-   return CRYPT_OK;
-}
-
-#ifdef CLEAN_STACK
-int  anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
-{
-  int err;
-  err = _anubis_setup(key, keylen, num_rounds, skey);
-  burn_stack(sizeof(int) * 5 + sizeof(ulong32) * (MAX_N + MAX_N + 5));
-  return err;
-}
-#endif
-  
-
-static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext,
-                         ulong32 roundKey[18 + 1][4], int R) {
-   int i, pos, r;
-   ulong32 state[4];
-   ulong32 inter[4];
-
-    /*
-    * map plaintext block to cipher state (mu)
-    * and add initial round key (sigma[K^0]):
-    */
-    for (i = 0, pos = 0; i < 4; i++, pos += 4) {
-      state[i] =
-         (plaintext[pos    ] << 24) ^
-         (plaintext[pos + 1] << 16) ^
-         (plaintext[pos + 2] <<  8) ^
-         (plaintext[pos + 3]      ) ^
-         roundKey[0][i];
-    }
-
-    /*
-     * R - 1 full rounds:
-     */
-    for (r = 1; r < R; r++) {
-      inter[0] =
-         T0[(state[0] >> 24)       ] ^
-         T1[(state[1] >> 24)       ] ^
-         T2[(state[2] >> 24)       ] ^
-         T3[(state[3] >> 24)       ] ^
-         roundKey[r][0];
-      inter[1] =
-         T0[(state[0] >> 16) & 0xff] ^
-         T1[(state[1] >> 16) & 0xff] ^
-         T2[(state[2] >> 16) & 0xff] ^
-         T3[(state[3] >> 16) & 0xff] ^
-         roundKey[r][1];
-      inter[2] =
-         T0[(state[0] >>  8) & 0xff] ^
-         T1[(state[1] >>  8) & 0xff] ^
-         T2[(state[2] >>  8) & 0xff] ^
-         T3[(state[3] >>  8) & 0xff] ^
-         roundKey[r][2];
-      inter[3] =
-         T0[(state[0]      ) & 0xff] ^
-         T1[(state[1]      ) & 0xff] ^
-         T2[(state[2]      ) & 0xff] ^
-         T3[(state[3]      ) & 0xff] ^
-         roundKey[r][3];
-      state[0] = inter[0];
-      state[1] = inter[1];
-      state[2] = inter[2];
-      state[3] = inter[3];
-    }
-
-    /*
-    * last round:
-    */
-   inter[0] =
-      (T0[(state[0] >> 24)       ] & 0xff000000U) ^
-      (T1[(state[1] >> 24)       ] & 0x00ff0000U) ^
-      (T2[(state[2] >> 24)       ] & 0x0000ff00U) ^
-      (T3[(state[3] >> 24)       ] & 0x000000ffU) ^
-      roundKey[R][0];
-   inter[1] =
-      (T0[(state[0] >> 16) & 0xff] & 0xff000000U) ^
-      (T1[(state[1] >> 16) & 0xff] & 0x00ff0000U) ^
-      (T2[(state[2] >> 16) & 0xff] & 0x0000ff00U) ^
-      (T3[(state[3] >> 16) & 0xff] & 0x000000ffU) ^
-      roundKey[R][1];
-   inter[2] =
-      (T0[(state[0] >>  8) & 0xff] & 0xff000000U) ^
-      (T1[(state[1] >>  8) & 0xff] & 0x00ff0000U) ^
-      (T2[(state[2] >>  8) & 0xff] & 0x0000ff00U) ^
-      (T3[(state[3] >>  8) & 0xff] & 0x000000ffU) ^
-      roundKey[R][2];
-   inter[3] =
-      (T0[(state[0]      ) & 0xff] & 0xff000000U) ^
-      (T1[(state[1]      ) & 0xff] & 0x00ff0000U) ^
-      (T2[(state[2]      ) & 0xff] & 0x0000ff00U) ^
-      (T3[(state[3]      ) & 0xff] & 0x000000ffU) ^
-      roundKey[R][3];
-
-   /*
-    * map cipher state to ciphertext block (mu^{-1}):
-    */
-    for (i = 0, pos = 0; i < 4; i++, pos += 4) {
-        ulong32 w = inter[i];
-        ciphertext[pos    ] = (unsigned char)(w >> 24);
-        ciphertext[pos + 1] = (unsigned char)(w >> 16);
-        ciphertext[pos + 2] = (unsigned char)(w >>  8);
-        ciphertext[pos + 3] = (unsigned char)(w      );
-    }
-}
-
-/**
-  Encrypts a block of text with Anubis
-  @param pt The input plaintext (16 bytes)
-  @param ct The output ciphertext (16 bytes)
-  @param skey The key as scheduled
-*/
-void anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
-{
-   LTC_ARGCHK(pt   != NULL);
-   LTC_ARGCHK(ct   != NULL);
-   LTC_ARGCHK(skey != NULL);
-   anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R);
-}
-
-/**
-  Decrypts a block of text with Anubis
-  @param ct The input ciphertext (16 bytes)
-  @param pt The output plaintext (16 bytes)
-  @param skey The key as scheduled 
-*/
-void anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
-{
-   LTC_ARGCHK(pt   != NULL);
-   LTC_ARGCHK(ct   != NULL);
-   LTC_ARGCHK(skey != NULL);
-   anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R);
-}
-
-/**
-  Performs a self-test of the Anubis block cipher
-  @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled
-*/
-int anubis_test(void)
-{
-#if !defined(LTC_TEST)
-  return CRYPT_NOP;
-#else
-  static const struct test {
-     int keylen;
-     unsigned char pt[16], ct[16], key[40];
-  } tests[] = {
-#ifndef ANUBIS_TWEAK
-  /**** ORIGINAL ANUBIS ****/
-  /* 128 bit keys */
-{
-   16,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xF0, 0x68, 0x60, 0xFC, 0x67, 0x30, 0xE8, 0x18, 
-     0xF1, 0x32, 0xC7, 0x8A, 0xF4, 0x13, 0x2A, 0xFE },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-}, {
-   16,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xA8, 0x66, 0x84, 0x80, 0x07, 0x74, 0x5C, 0x89, 
-     0xFC, 0x5E, 0xB5, 0xBA, 0xD4, 0xFE, 0x32, 0x6D },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
-},
-
-   /* 160-bit keys */
-{
-   20,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xBD, 0x5E, 0x32, 0xBE, 0x51, 0x67, 0xA8, 0xE2,
-     0x72, 0xD7, 0x95, 0x0F, 0x83, 0xC6, 0x8C, 0x31 },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 }
-}, {
-   20,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x4C, 0x1F, 0x86, 0x2E, 0x11, 0xEB, 0xCE, 0xEB,
-     0xFE, 0xB9, 0x73, 0xC9, 0xDF, 0xEF, 0x7A, 0xDB },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 192-bit keys */
-{
-   24,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x17, 0xAC, 0x57, 0x44, 0x9D, 0x59, 0x61, 0x66, 
-     0xD0, 0xC7, 0x9E, 0x04, 0x7C, 0xC7, 0x58, 0xF0 },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-}, {
-   24,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x71, 0x52, 0xB4, 0xEB, 0x1D, 0xAA, 0x36, 0xFD, 
-     0x57, 0x14, 0x5F, 0x57, 0x04, 0x9F, 0x70, 0x74 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 224-bit keys */
-{
-   28,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xA2, 0xF0, 0xA6, 0xB9, 0x17, 0x93, 0x2A, 0x3B, 
-     0xEF, 0x08, 0xE8, 0x7A, 0x58, 0xD6, 0xF8, 0x53 },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 }
-}, {
-   28,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xF0, 0xCA, 0xFC, 0x78, 0x8B, 0x4B, 0x4E, 0x53, 
-     0x8B, 0xC4, 0x32, 0x6A, 0xF5, 0xB9, 0x1B, 0x5F },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 256-bit keys */
-{
-   32,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xE0, 0x86, 0xAC, 0x45, 0x6B, 0x3C, 0xE5, 0x13, 
-     0xED, 0xF5, 0xDF, 0xDD, 0xD6, 0x3B, 0x71, 0x93 },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-}, {
-   32,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x50, 0x01, 0xB9, 0xF5, 0x21, 0xC1, 0xC1, 0x29, 
-     0x00, 0xD5, 0xEC, 0x98, 0x2B, 0x9E, 0xE8, 0x21 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 288-bit keys */
-{
-   36,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xE8, 0xF4, 0xAF, 0x2B, 0x21, 0xA0, 0x87, 0x9B, 
-     0x41, 0x95, 0xB9, 0x71, 0x75, 0x79, 0x04, 0x7C },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 }
-}, {
-   36,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xE6, 0xA6, 0xA5, 0xBC, 0x8B, 0x63, 0x6F, 0xE2, 
-     0xBD, 0xA7, 0xA7, 0x53, 0xAB, 0x40, 0x22, 0xE0 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 320-bit keys */
-{
-   40,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x17, 0x04, 0xD7, 0x2C, 0xC6, 0x85, 0x76, 0x02, 
-     0x4B, 0xCC, 0x39, 0x80, 0xD8, 0x22, 0xEA, 0xA4 },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-}, {
-   40,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x7A, 0x41, 0xE6, 0x7D, 0x4F, 0xD8, 0x64, 0xF0, 
-     0x44, 0xA8, 0x3C, 0x73, 0x81, 0x7E, 0x53, 0xD8 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
-}
-#else
-  /**** Tweaked ANUBIS ****/
-  /* 128 bit keys */
-{
-   16,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xB8, 0x35, 0xBD, 0xC3, 0x34, 0x82, 0x9D, 0x83,
-     0x71, 0xBF, 0xA3, 0x71, 0xE4, 0xB3, 0xC4, 0xFD },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-}, {
-   16,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xE6, 0x14, 0x1E, 0xAF, 0xEB, 0xE0, 0x59, 0x3C,
-     0x48, 0xE1, 0xCD, 0xF2, 0x1B, 0xBA, 0xA1, 0x89 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
-},
-
-   /* 160-bit keys */
-{
-   20,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x97, 0x59, 0x79, 0x4B, 0x5C, 0xA0, 0x70, 0x73,
-     0x24, 0xEF, 0xB3, 0x58, 0x67, 0xCA, 0xD4, 0xB3 },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 }
-}, {
-   20,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xB8, 0x0D, 0xFB, 0x9B, 0xE4, 0xA1, 0x58, 0x87,
-     0xB3, 0x76, 0xD5, 0x02, 0x18, 0x95, 0xC1, 0x2E },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 192-bit keys */
-{
-   24,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x7D, 0x62, 0x3B, 0x52, 0xC7, 0x4C, 0x64, 0xD8,
-     0xEB, 0xC7, 0x2D, 0x57, 0x97, 0x85, 0x43, 0x8F },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-}, {
-   24,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xB1, 0x0A, 0x59, 0xDD, 0x5D, 0x5D, 0x8D, 0x67,
-     0xEC, 0xEE, 0x4A, 0xC4, 0xBE, 0x4F, 0xA8, 0x4F },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 224-bit keys */
-{
-   28,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x68, 0x9E, 0x05, 0x94, 0x6A, 0x94, 0x43, 0x8F,
-     0xE7, 0x8E, 0x37, 0x3D, 0x24, 0x97, 0x92, 0xF5 },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 }
-}, {
-   28,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xDD, 0xB7, 0xB0, 0xB4, 0xE9, 0xB4, 0x9B, 0x9C,
-     0x38, 0x20, 0x25, 0x0B, 0x47, 0xC2, 0x1F, 0x89 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 256-bit keys */
-{
-   32,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x96, 0x00, 0xF0, 0x76, 0x91, 0x69, 0x29, 0x87,
-     0xF5, 0xE5, 0x97, 0xDB, 0xDB, 0xAF, 0x1B, 0x0A },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-}, {
-   32,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x69, 0x9C, 0xAF, 0xDD, 0x94, 0xC7, 0xBC, 0x60,
-     0x44, 0xFE, 0x02, 0x05, 0x8A, 0x6E, 0xEF, 0xBD },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 288-bit keys */
-{
-   36,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x0F, 0xC7, 0xA2, 0xC0, 0x11, 0x17, 0xAC, 0x43,
-     0x52, 0x5E, 0xDF, 0x6C, 0xF3, 0x96, 0x33, 0x6C },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00 }
-}, {
-   36,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xAD, 0x08, 0x4F, 0xED, 0x55, 0xA6, 0x94, 0x3E,
-     0x7E, 0x5E, 0xED, 0x05, 0xA1, 0x9D, 0x41, 0xB4 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x01 }
-},
-
-  /* 320-bit keys */
-{
-   40,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0xFE, 0xE2, 0x0E, 0x2A, 0x9D, 0xC5, 0x83, 0xBA,
-     0xA3, 0xA6, 0xD6, 0xA6, 0xF2, 0xE8, 0x06, 0xA5 },
-   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
-}, {
-   40,
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
-   { 0x86, 0x3D, 0xCC, 0x4A, 0x60, 0x34, 0x9C, 0x28,
-     0xA7, 0xDA, 0xA4, 0x3B, 0x0A, 0xD7, 0xFD, 0xC7 },
-   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
-}
-#endif
-};
-   int x, y;
-   unsigned char buf[2][16];
-   symmetric_key skey;
-
-   for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
-       anubis_setup(tests[x].key, tests[x].keylen, 0, &skey);
-       anubis_ecb_encrypt(tests[x].pt, buf[0], &skey);
-       anubis_ecb_decrypt(buf[0], buf[1], &skey);
-       if (memcmp(buf[0], tests[x].ct, 16) || memcmp(buf[1], tests[x].pt, 16)) {
-          return CRYPT_FAIL_TESTVECTOR;
-       }
-
-       for (y = 0; y < 1000; y++) anubis_ecb_encrypt(buf[0], buf[0], &skey);
-       for (y = 0; y < 1000; y++) anubis_ecb_decrypt(buf[0], buf[0], &skey);
-       if (memcmp(buf[0], tests[x].ct, 16)) {
-          return CRYPT_FAIL_TESTVECTOR;
-       }
-
-   }
-   return CRYPT_OK;
-#endif
-}
-
-/** Terminate the context 
-   @param skey    The scheduled key
-*/
-void anubis_done(symmetric_key *skey)
-{
-}
-
-/**
-  Gets suitable key size
-  @param keysize [in/out] The length of the recommended key (in bytes).  This function will store the suitable size back in this variable.
-  @return CRYPT_OK if the input key size is acceptable.
-*/
-int anubis_keysize(int *keysize)
-{
-   LTC_ARGCHK(keysize != NULL);
-   if (*keysize >= 40) {
-      *keysize = 40;
-   } else if (*keysize >= 36) {
-      *keysize = 36;
-   } else if (*keysize >= 32) {
-      *keysize = 32;
-   } else if (*keysize >= 28) {
-      *keysize = 28;
-   } else if (*keysize >= 24) {
-      *keysize = 24;
-   } else if (*keysize >= 20) {
-      *keysize = 20;
-   } else if (*keysize >= 16) {
-      *keysize = 16;
-   } else {
-      return CRYPT_INVALID_KEYSIZE;
-   }
-   return CRYPT_OK;
-}
-
-#endif
-
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/**
+  @file anubis.c
+  Anubis implementation derived from public domain source
+  Authors: Paulo S.L.M. Barreto and Vincent Rijmen.
+*/
+
+#include "tomcrypt.h"
+
+#ifdef ANUBIS
+
+const struct ltc_cipher_descriptor anubis_desc = {
+   "anubis",
+   19,
+   16, 40, 16, 12,
+   &anubis_setup,
+   &anubis_ecb_encrypt,
+   &anubis_ecb_decrypt,
+   &anubis_test,
+   &anubis_done,
+   &anubis_keysize,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
+};
+
+#define MIN_N           4 
+#define MAX_N           10 
+#define MIN_ROUNDS      (8 + MIN_N) 
+#define MAX_ROUNDS      (8 + MAX_N) 
+#define MIN_KEYSIZEB    (4*MIN_N) 
+#define MAX_KEYSIZEB    (4*MAX_N) 
+#define BLOCKSIZE       128 
+#define BLOCKSIZEB      (BLOCKSIZE/8) 
+
+
+/*
+ * Though Anubis is endianness-neutral, the encryption tables are listed
+ * in BIG-ENDIAN format, which is adopted throughout this implementation
+ * (but little-endian notation would be equally suitable if consistently
+ * employed).
+ */
+#if defined(ANUBIS_TWEAK)
+
+static const ulong32 T0[256] = {
+    0xba69d2bbU, 0x54a84de5U, 0x2f5ebce2U, 0x74e8cd25U,
+    0x53a651f7U, 0xd3bb6bd0U, 0xd2b96fd6U, 0x4d9a29b3U,
+    0x50a05dfdU, 0xac458acfU, 0x8d070e09U, 0xbf63c6a5U,
+    0x70e0dd3dU, 0x52a455f1U, 0x9a29527bU, 0x4c982db5U,
+    0xeac98f46U, 0xd5b773c4U, 0x97336655U, 0xd1bf63dcU,
+    0x3366ccaaU, 0x51a259fbU, 0x5bb671c7U, 0xa651a2f3U,
+    0xdea15ffeU, 0x48903dadU, 0xa84d9ad7U, 0x992f5e71U,
+    0xdbab4be0U, 0x3264c8acU, 0xb773e695U, 0xfce5d732U,
+    0xe3dbab70U, 0x9e214263U, 0x913f7e41U, 0x9b2b567dU,
+    0xe2d9af76U, 0xbb6bd6bdU, 0x4182199bU, 0x6edca579U,
+    0xa557aef9U, 0xcb8b0b80U, 0x6bd6b167U, 0x95376e59U,
+    0xa15fbee1U, 0xf3fbeb10U, 0xb17ffe81U, 0x0204080cU,
+    0xcc851792U, 0xc49537a2U, 0x1d3a744eU, 0x14285078U,
+    0xc39b2bb0U, 0x63c69157U, 0xdaa94fe6U, 0x5dba69d3U,
+    0x5fbe61dfU, 0xdca557f2U, 0x7dfae913U, 0xcd871394U,
+    0x7ffee11fU, 0x5ab475c1U, 0x6cd8ad75U, 0x5cb86dd5U,
+    0xf7f3fb08U, 0x264c98d4U, 0xffe3db38U, 0xedc79354U,
+    0xe8cd874aU, 0x9d274e69U, 0x6fdea17fU, 0x8e010203U,
+    0x19326456U, 0xa05dbae7U, 0xf0fde71aU, 0x890f1e11U,
+    0x0f1e3c22U, 0x070e1c12U, 0xaf4386c5U, 0xfbebcb20U,
+    0x08102030U, 0x152a547eU, 0x0d1a342eU, 0x04081018U,
+    0x01020406U, 0x64c88d45U, 0xdfa35bf8U, 0x76ecc529U,
+    0x79f2f90bU, 0xdda753f4U, 0x3d7af48eU, 0x162c5874U,
+    0x3f7efc82U, 0x376edcb2U, 0x6ddaa973U, 0x3870e090U,
+    0xb96fdeb1U, 0x73e6d137U, 0xe9cf834cU, 0x356ad4beU,
+    0x55aa49e3U, 0x71e2d93bU, 0x7bf6f107U, 0x8c050a0fU,
+    0x72e4d531U, 0x880d1a17U, 0xf6f1ff0eU, 0x2a54a8fcU,
+    0x3e7cf884U, 0x5ebc65d9U, 0x274e9cd2U, 0x468c0589U,
+    0x0c183028U, 0x65ca8943U, 0x68d0bd6dU, 0x61c2995bU,
+    0x03060c0aU, 0xc19f23bcU, 0x57ae41efU, 0xd6b17fceU,
+    0xd9af43ecU, 0x58b07dcdU, 0xd8ad47eaU, 0x66cc8549U,
+    0xd7b37bc8U, 0x3a74e89cU, 0xc88d078aU, 0x3c78f088U,
+    0xfae9cf26U, 0x96316253U, 0xa753a6f5U, 0x982d5a77U,
+    0xecc59752U, 0xb86ddab7U, 0xc7933ba8U, 0xae4182c3U,
+    0x69d2b96bU, 0x4b9631a7U, 0xab4b96ddU, 0xa94f9ed1U,
+    0x67ce814fU, 0x0a14283cU, 0x478e018fU, 0xf2f9ef16U,
+    0xb577ee99U, 0x224488ccU, 0xe5d7b364U, 0xeec19f5eU,
+    0xbe61c2a3U, 0x2b56acfaU, 0x811f3e21U, 0x1224486cU,
+    0x831b362dU, 0x1b366c5aU, 0x0e1c3824U, 0x23468ccaU,
+    0xf5f7f304U, 0x458a0983U, 0x214284c6U, 0xce811f9eU,
+    0x499239abU, 0x2c58b0e8U, 0xf9efc32cU, 0xe6d1bf6eU,
+    0xb671e293U, 0x2850a0f0U, 0x172e5c72U, 0x8219322bU,
+    0x1a34685cU, 0x8b0b161dU, 0xfee1df3eU, 0x8a09121bU,
+    0x09122436U, 0xc98f038cU, 0x87132635U, 0x4e9c25b9U,
+    0xe1dfa37cU, 0x2e5cb8e4U, 0xe4d5b762U, 0xe0dda77aU,
+    0xebcb8b40U, 0x903d7a47U, 0xa455aaffU, 0x1e3c7844U,
+    0x85172e39U, 0x60c09d5dU, 0x00000000U, 0x254a94deU,
+    0xf4f5f702U, 0xf1ffe31cU, 0x94356a5fU, 0x0b162c3aU,
+    0xe7d3bb68U, 0x75eac923U, 0xefc39b58U, 0x3468d0b8U,
+    0x3162c4a6U, 0xd4b577c2U, 0xd0bd67daU, 0x86112233U,
+    0x7efce519U, 0xad478ec9U, 0xfde7d334U, 0x2952a4f6U,
+    0x3060c0a0U, 0x3b76ec9aU, 0x9f234665U, 0xf8edc72aU,
+    0xc6913faeU, 0x13264c6aU, 0x060c1814U, 0x050a141eU,
+    0xc59733a4U, 0x11224466U, 0x77eec12fU, 0x7cf8ed15U,
+    0x7af4f501U, 0x78f0fd0dU, 0x366cd8b4U, 0x1c387048U,
+    0x3972e496U, 0x59b279cbU, 0x18306050U, 0x56ac45e9U,
+    0xb37bf68dU, 0xb07dfa87U, 0x244890d8U, 0x204080c0U,
+    0xb279f28bU, 0x9239724bU, 0xa35bb6edU, 0xc09d27baU,
+    0x44880d85U, 0x62c49551U, 0x10204060U, 0xb475ea9fU,
+    0x84152a3fU, 0x43861197U, 0x933b764dU, 0xc2992fb6U,
+    0x4a9435a1U, 0xbd67cea9U, 0x8f030605U, 0x2d5ab4eeU,
+    0xbc65caafU, 0x9c254a6fU, 0x6ad4b561U, 0x40801d9dU,
+    0xcf831b98U, 0xa259b2ebU, 0x801d3a27U, 0x4f9e21bfU,
+    0x1f3e7c42U, 0xca890f86U, 0xaa4992dbU, 0x42841591U,
+};
+
+static const ulong32 T1[256] = {
+    0x69babbd2U, 0xa854e54dU, 0x5e2fe2bcU, 0xe87425cdU,
+    0xa653f751U, 0xbbd3d06bU, 0xb9d2d66fU, 0x9a4db329U,
+    0xa050fd5dU, 0x45accf8aU, 0x078d090eU, 0x63bfa5c6U,
+    0xe0703dddU, 0xa452f155U, 0x299a7b52U, 0x984cb52dU,
+    0xc9ea468fU, 0xb7d5c473U, 0x33975566U, 0xbfd1dc63U,
+    0x6633aaccU, 0xa251fb59U, 0xb65bc771U, 0x51a6f3a2U,
+    0xa1defe5fU, 0x9048ad3dU, 0x4da8d79aU, 0x2f99715eU,
+    0xabdbe04bU, 0x6432acc8U, 0x73b795e6U, 0xe5fc32d7U,
+    0xdbe370abU, 0x219e6342U, 0x3f91417eU, 0x2b9b7d56U,
+    0xd9e276afU, 0x6bbbbdd6U, 0x82419b19U, 0xdc6e79a5U,
+    0x57a5f9aeU, 0x8bcb800bU, 0xd66b67b1U, 0x3795596eU,
+    0x5fa1e1beU, 0xfbf310ebU, 0x7fb181feU, 0x04020c08U,
+    0x85cc9217U, 0x95c4a237U, 0x3a1d4e74U, 0x28147850U,
+    0x9bc3b02bU, 0xc6635791U, 0xa9dae64fU, 0xba5dd369U,
+    0xbe5fdf61U, 0xa5dcf257U, 0xfa7d13e9U, 0x87cd9413U,
+    0xfe7f1fe1U, 0xb45ac175U, 0xd86c75adU, 0xb85cd56dU,
+    0xf3f708fbU, 0x4c26d498U, 0xe3ff38dbU, 0xc7ed5493U,
+    0xcde84a87U, 0x279d694eU, 0xde6f7fa1U, 0x018e0302U,
+    0x32195664U, 0x5da0e7baU, 0xfdf01ae7U, 0x0f89111eU,
+    0x1e0f223cU, 0x0e07121cU, 0x43afc586U, 0xebfb20cbU,
+    0x10083020U, 0x2a157e54U, 0x1a0d2e34U, 0x08041810U,
+    0x02010604U, 0xc864458dU, 0xa3dff85bU, 0xec7629c5U,
+    0xf2790bf9U, 0xa7ddf453U, 0x7a3d8ef4U, 0x2c167458U,
+    0x7e3f82fcU, 0x6e37b2dcU, 0xda6d73a9U, 0x703890e0U,
+    0x6fb9b1deU, 0xe67337d1U, 0xcfe94c83U, 0x6a35bed4U,
+    0xaa55e349U, 0xe2713bd9U, 0xf67b07f1U, 0x058c0f0aU,
+    0xe47231d5U, 0x0d88171aU, 0xf1f60effU, 0x542afca8U,
+    0x7c3e84f8U, 0xbc5ed965U, 0x4e27d29cU, 0x8c468905U,
+    0x180c2830U, 0xca654389U, 0xd0686dbdU, 0xc2615b99U,
+    0x06030a0cU, 0x9fc1bc23U, 0xae57ef41U, 0xb1d6ce7fU,
+    0xafd9ec43U, 0xb058cd7dU, 0xadd8ea47U, 0xcc664985U,
+    0xb3d7c87bU, 0x743a9ce8U, 0x8dc88a07U, 0x783c88f0U,
+    0xe9fa26cfU, 0x31965362U, 0x53a7f5a6U, 0x2d98775aU,
+    0xc5ec5297U, 0x6db8b7daU, 0x93c7a83bU, 0x41aec382U,
+    0xd2696bb9U, 0x964ba731U, 0x4babdd96U, 0x4fa9d19eU,
+    0xce674f81U, 0x140a3c28U, 0x8e478f01U, 0xf9f216efU,
+    0x77b599eeU, 0x4422cc88U, 0xd7e564b3U, 0xc1ee5e9fU,
+    0x61bea3c2U, 0x562bfaacU, 0x1f81213eU, 0x24126c48U,
+    0x1b832d36U, 0x361b5a6cU, 0x1c0e2438U, 0x4623ca8cU,
+    0xf7f504f3U, 0x8a458309U, 0x4221c684U, 0x81ce9e1fU,
+    0x9249ab39U, 0x582ce8b0U, 0xeff92cc3U, 0xd1e66ebfU,
+    0x71b693e2U, 0x5028f0a0U, 0x2e17725cU, 0x19822b32U,
+    0x341a5c68U, 0x0b8b1d16U, 0xe1fe3edfU, 0x098a1b12U,
+    0x12093624U, 0x8fc98c03U, 0x13873526U, 0x9c4eb925U,
+    0xdfe17ca3U, 0x5c2ee4b8U, 0xd5e462b7U, 0xdde07aa7U,
+    0xcbeb408bU, 0x3d90477aU, 0x55a4ffaaU, 0x3c1e4478U,
+    0x1785392eU, 0xc0605d9dU, 0x00000000U, 0x4a25de94U,
+    0xf5f402f7U, 0xfff11ce3U, 0x35945f6aU, 0x160b3a2cU,
+    0xd3e768bbU, 0xea7523c9U, 0xc3ef589bU, 0x6834b8d0U,
+    0x6231a6c4U, 0xb5d4c277U, 0xbdd0da67U, 0x11863322U,
+    0xfc7e19e5U, 0x47adc98eU, 0xe7fd34d3U, 0x5229f6a4U,
+    0x6030a0c0U, 0x763b9aecU, 0x239f6546U, 0xedf82ac7U,
+    0x91c6ae3fU, 0x26136a4cU, 0x0c061418U, 0x0a051e14U,
+    0x97c5a433U, 0x22116644U, 0xee772fc1U, 0xf87c15edU,
+    0xf47a01f5U, 0xf0780dfdU, 0x6c36b4d8U, 0x381c4870U,
+    0x723996e4U, 0xb259cb79U, 0x30185060U, 0xac56e945U,
+    0x7bb38df6U, 0x7db087faU, 0x4824d890U, 0x4020c080U,
+    0x79b28bf2U, 0x39924b72U, 0x5ba3edb6U, 0x9dc0ba27U,
+    0x8844850dU, 0xc4625195U, 0x20106040U, 0x75b49feaU,
+    0x15843f2aU, 0x86439711U, 0x3b934d76U, 0x99c2b62fU,
+    0x944aa135U, 0x67bda9ceU, 0x038f0506U, 0x5a2deeb4U,
+    0x65bcafcaU, 0x259c6f4aU, 0xd46a61b5U, 0x80409d1dU,
+    0x83cf981bU, 0x59a2ebb2U, 0x1d80273aU, 0x9e4fbf21U,
+    0x3e1f427cU, 0x89ca860fU, 0x49aadb92U, 0x84429115U,
+};
+
+static const ulong32 T2[256] = {
+    0xd2bbba69U, 0x4de554a8U, 0xbce22f5eU, 0xcd2574e8U,
+    0x51f753a6U, 0x6bd0d3bbU, 0x6fd6d2b9U, 0x29b34d9aU,
+    0x5dfd50a0U, 0x8acfac45U, 0x0e098d07U, 0xc6a5bf63U,
+    0xdd3d70e0U, 0x55f152a4U, 0x527b9a29U, 0x2db54c98U,
+    0x8f46eac9U, 0x73c4d5b7U, 0x66559733U, 0x63dcd1bfU,
+    0xccaa3366U, 0x59fb51a2U, 0x71c75bb6U, 0xa2f3a651U,
+    0x5ffedea1U, 0x3dad4890U, 0x9ad7a84dU, 0x5e71992fU,
+    0x4be0dbabU, 0xc8ac3264U, 0xe695b773U, 0xd732fce5U,
+    0xab70e3dbU, 0x42639e21U, 0x7e41913fU, 0x567d9b2bU,
+    0xaf76e2d9U, 0xd6bdbb6bU, 0x199b4182U, 0xa5796edcU,
+    0xaef9a557U, 0x0b80cb8bU, 0xb1676bd6U, 0x6e599537U,
+    0xbee1a15fU, 0xeb10f3fbU, 0xfe81b17fU, 0x080c0204U,
+    0x1792cc85U, 0x37a2c495U, 0x744e1d3aU, 0x50781428U,
+    0x2bb0c39bU, 0x915763c6U, 0x4fe6daa9U, 0x69d35dbaU,
+    0x61df5fbeU, 0x57f2dca5U, 0xe9137dfaU, 0x1394cd87U,
+    0xe11f7ffeU, 0x75c15ab4U, 0xad756cd8U, 0x6dd55cb8U,
+    0xfb08f7f3U, 0x98d4264cU, 0xdb38ffe3U, 0x9354edc7U,
+    0x874ae8cdU, 0x4e699d27U, 0xa17f6fdeU, 0x02038e01U,
+    0x64561932U, 0xbae7a05dU, 0xe71af0fdU, 0x1e11890fU,
+    0x3c220f1eU, 0x1c12070eU, 0x86c5af43U, 0xcb20fbebU,
+    0x20300810U, 0x547e152aU, 0x342e0d1aU, 0x10180408U,
+    0x04060102U, 0x8d4564c8U, 0x5bf8dfa3U, 0xc52976ecU,
+    0xf90b79f2U, 0x53f4dda7U, 0xf48e3d7aU, 0x5874162cU,
+    0xfc823f7eU, 0xdcb2376eU, 0xa9736ddaU, 0xe0903870U,
+    0xdeb1b96fU, 0xd13773e6U, 0x834ce9cfU, 0xd4be356aU,
+    0x49e355aaU, 0xd93b71e2U, 0xf1077bf6U, 0x0a0f8c05U,
+    0xd53172e4U, 0x1a17880dU, 0xff0ef6f1U, 0xa8fc2a54U,
+    0xf8843e7cU, 0x65d95ebcU, 0x9cd2274eU, 0x0589468cU,
+    0x30280c18U, 0x894365caU, 0xbd6d68d0U, 0x995b61c2U,
+    0x0c0a0306U, 0x23bcc19fU, 0x41ef57aeU, 0x7fced6b1U,
+    0x43ecd9afU, 0x7dcd58b0U, 0x47ead8adU, 0x854966ccU,
+    0x7bc8d7b3U, 0xe89c3a74U, 0x078ac88dU, 0xf0883c78U,
+    0xcf26fae9U, 0x62539631U, 0xa6f5a753U, 0x5a77982dU,
+    0x9752ecc5U, 0xdab7b86dU, 0x3ba8c793U, 0x82c3ae41U,
+    0xb96b69d2U, 0x31a74b96U, 0x96ddab4bU, 0x9ed1a94fU,
+    0x814f67ceU, 0x283c0a14U, 0x018f478eU, 0xef16f2f9U,
+    0xee99b577U, 0x88cc2244U, 0xb364e5d7U, 0x9f5eeec1U,
+    0xc2a3be61U, 0xacfa2b56U, 0x3e21811fU, 0x486c1224U,
+    0x362d831bU, 0x6c5a1b36U, 0x38240e1cU, 0x8cca2346U,
+    0xf304f5f7U, 0x0983458aU, 0x84c62142U, 0x1f9ece81U,
+    0x39ab4992U, 0xb0e82c58U, 0xc32cf9efU, 0xbf6ee6d1U,
+    0xe293b671U, 0xa0f02850U, 0x5c72172eU, 0x322b8219U,
+    0x685c1a34U, 0x161d8b0bU, 0xdf3efee1U, 0x121b8a09U,
+    0x24360912U, 0x038cc98fU, 0x26358713U, 0x25b94e9cU,
+    0xa37ce1dfU, 0xb8e42e5cU, 0xb762e4d5U, 0xa77ae0ddU,
+    0x8b40ebcbU, 0x7a47903dU, 0xaaffa455U, 0x78441e3cU,
+    0x2e398517U, 0x9d5d60c0U, 0x00000000U, 0x94de254aU,
+    0xf702f4f5U, 0xe31cf1ffU, 0x6a5f9435U, 0x2c3a0b16U,
+    0xbb68e7d3U, 0xc92375eaU, 0x9b58efc3U, 0xd0b83468U,
+    0xc4a63162U, 0x77c2d4b5U, 0x67dad0bdU, 0x22338611U,
+    0xe5197efcU, 0x8ec9ad47U, 0xd334fde7U, 0xa4f62952U,
+    0xc0a03060U, 0xec9a3b76U, 0x46659f23U, 0xc72af8edU,
+    0x3faec691U, 0x4c6a1326U, 0x1814060cU, 0x141e050aU,
+    0x33a4c597U, 0x44661122U, 0xc12f77eeU, 0xed157cf8U,
+    0xf5017af4U, 0xfd0d78f0U, 0xd8b4366cU, 0x70481c38U,
+    0xe4963972U, 0x79cb59b2U, 0x60501830U, 0x45e956acU,
+    0xf68db37bU, 0xfa87b07dU, 0x90d82448U, 0x80c02040U,
+    0xf28bb279U, 0x724b9239U, 0xb6eda35bU, 0x27bac09dU,
+    0x0d854488U, 0x955162c4U, 0x40601020U, 0xea9fb475U,
+    0x2a3f8415U, 0x11974386U, 0x764d933bU, 0x2fb6c299U,
+    0x35a14a94U, 0xcea9bd67U, 0x06058f03U, 0xb4ee2d5aU,
+    0xcaafbc65U, 0x4a6f9c25U, 0xb5616ad4U, 0x1d9d4080U,
+    0x1b98cf83U, 0xb2eba259U, 0x3a27801dU, 0x21bf4f9eU,
+    0x7c421f3eU, 0x0f86ca89U, 0x92dbaa49U, 0x15914284U,
+};
+
+static const ulong32 T3[256] = {
+    0xbbd269baU, 0xe54da854U, 0xe2bc5e2fU, 0x25cde874U,
+    0xf751a653U, 0xd06bbbd3U, 0xd66fb9d2U, 0xb3299a4dU,
+    0xfd5da050U, 0xcf8a45acU, 0x090e078dU, 0xa5c663bfU,
+    0x3ddde070U, 0xf155a452U, 0x7b52299aU, 0xb52d984cU,
+    0x468fc9eaU, 0xc473b7d5U, 0x55663397U, 0xdc63bfd1U,
+    0xaacc6633U, 0xfb59a251U, 0xc771b65bU, 0xf3a251a6U,
+    0xfe5fa1deU, 0xad3d9048U, 0xd79a4da8U, 0x715e2f99U,
+    0xe04babdbU, 0xacc86432U, 0x95e673b7U, 0x32d7e5fcU,
+    0x70abdbe3U, 0x6342219eU, 0x417e3f91U, 0x7d562b9bU,
+    0x76afd9e2U, 0xbdd66bbbU, 0x9b198241U, 0x79a5dc6eU,
+    0xf9ae57a5U, 0x800b8bcbU, 0x67b1d66bU, 0x596e3795U,
+    0xe1be5fa1U, 0x10ebfbf3U, 0x81fe7fb1U, 0x0c080402U,
+    0x921785ccU, 0xa23795c4U, 0x4e743a1dU, 0x78502814U,
+    0xb02b9bc3U, 0x5791c663U, 0xe64fa9daU, 0xd369ba5dU,
+    0xdf61be5fU, 0xf257a5dcU, 0x13e9fa7dU, 0x941387cdU,
+    0x1fe1fe7fU, 0xc175b45aU, 0x75add86cU, 0xd56db85cU,
+    0x08fbf3f7U, 0xd4984c26U, 0x38dbe3ffU, 0x5493c7edU,
+    0x4a87cde8U, 0x694e279dU, 0x7fa1de6fU, 0x0302018eU,
+    0x56643219U, 0xe7ba5da0U, 0x1ae7fdf0U, 0x111e0f89U,
+    0x223c1e0fU, 0x121c0e07U, 0xc58643afU, 0x20cbebfbU,
+    0x30201008U, 0x7e542a15U, 0x2e341a0dU, 0x18100804U,
+    0x06040201U, 0x458dc864U, 0xf85ba3dfU, 0x29c5ec76U,
+    0x0bf9f279U, 0xf453a7ddU, 0x8ef47a3dU, 0x74582c16U,
+    0x82fc7e3fU, 0xb2dc6e37U, 0x73a9da6dU, 0x90e07038U,
+    0xb1de6fb9U, 0x37d1e673U, 0x4c83cfe9U, 0xbed46a35U,
+    0xe349aa55U, 0x3bd9e271U, 0x07f1f67bU, 0x0f0a058cU,
+    0x31d5e472U, 0x171a0d88U, 0x0efff1f6U, 0xfca8542aU,
+    0x84f87c3eU, 0xd965bc5eU, 0xd29c4e27U, 0x89058c46U,
+    0x2830180cU, 0x4389ca65U, 0x6dbdd068U, 0x5b99c261U,
+    0x0a0c0603U, 0xbc239fc1U, 0xef41ae57U, 0xce7fb1d6U,
+    0xec43afd9U, 0xcd7db058U, 0xea47add8U, 0x4985cc66U,
+    0xc87bb3d7U, 0x9ce8743aU, 0x8a078dc8U, 0x88f0783cU,
+    0x26cfe9faU, 0x53623196U, 0xf5a653a7U, 0x775a2d98U,
+    0x5297c5ecU, 0xb7da6db8U, 0xa83b93c7U, 0xc38241aeU,
+    0x6bb9d269U, 0xa731964bU, 0xdd964babU, 0xd19e4fa9U,
+    0x4f81ce67U, 0x3c28140aU, 0x8f018e47U, 0x16eff9f2U,
+    0x99ee77b5U, 0xcc884422U, 0x64b3d7e5U, 0x5e9fc1eeU,
+    0xa3c261beU, 0xfaac562bU, 0x213e1f81U, 0x6c482412U,
+    0x2d361b83U, 0x5a6c361bU, 0x24381c0eU, 0xca8c4623U,
+    0x04f3f7f5U, 0x83098a45U, 0xc6844221U, 0x9e1f81ceU,
+    0xab399249U, 0xe8b0582cU, 0x2cc3eff9U, 0x6ebfd1e6U,
+    0x93e271b6U, 0xf0a05028U, 0x725c2e17U, 0x2b321982U,
+    0x5c68341aU, 0x1d160b8bU, 0x3edfe1feU, 0x1b12098aU,
+    0x36241209U, 0x8c038fc9U, 0x35261387U, 0xb9259c4eU,
+    0x7ca3dfe1U, 0xe4b85c2eU, 0x62b7d5e4U, 0x7aa7dde0U,
+    0x408bcbebU, 0x477a3d90U, 0xffaa55a4U, 0x44783c1eU,
+    0x392e1785U, 0x5d9dc060U, 0x00000000U, 0xde944a25U,
+    0x02f7f5f4U, 0x1ce3fff1U, 0x5f6a3594U, 0x3a2c160bU,
+    0x68bbd3e7U, 0x23c9ea75U, 0x589bc3efU, 0xb8d06834U,
+    0xa6c46231U, 0xc277b5d4U, 0xda67bdd0U, 0x33221186U,
+    0x19e5fc7eU, 0xc98e47adU, 0x34d3e7fdU, 0xf6a45229U,
+    0xa0c06030U, 0x9aec763bU, 0x6546239fU, 0x2ac7edf8U,
+    0xae3f91c6U, 0x6a4c2613U, 0x14180c06U, 0x1e140a05U,
+    0xa43397c5U, 0x66442211U, 0x2fc1ee77U, 0x15edf87cU,
+    0x01f5f47aU, 0x0dfdf078U, 0xb4d86c36U, 0x4870381cU,
+    0x96e47239U, 0xcb79b259U, 0x50603018U, 0xe945ac56U,
+    0x8df67bb3U, 0x87fa7db0U, 0xd8904824U, 0xc0804020U,
+    0x8bf279b2U, 0x4b723992U, 0xedb65ba3U, 0xba279dc0U,
+    0x850d8844U, 0x5195c462U, 0x60402010U, 0x9fea75b4U,
+    0x3f2a1584U, 0x97118643U, 0x4d763b93U, 0xb62f99c2U,
+    0xa135944aU, 0xa9ce67bdU, 0x0506038fU, 0xeeb45a2dU,
+    0xafca65bcU, 0x6f4a259cU, 0x61b5d46aU, 0x9d1d8040U,
+    0x981b83cfU, 0xebb259a2U, 0x273a1d80U, 0xbf219e4fU,
+    0x427c3e1fU, 0x860f89caU, 0xdb9249aaU, 0x91158442U,
+};
+
+static const ulong32 T4[256] = {
+    0xbabababaU, 0x54545454U, 0x2f2f2f2fU, 0x74747474U,
+    0x53535353U, 0xd3d3d3d3U, 0xd2d2d2d2U, 0x4d4d4d4dU,
+    0x50505050U, 0xacacacacU, 0x8d8d8d8dU, 0xbfbfbfbfU,
+    0x70707070U, 0x52525252U, 0x9a9a9a9aU, 0x4c4c4c4cU,
+    0xeaeaeaeaU, 0xd5d5d5d5U, 0x97979797U, 0xd1d1d1d1U,
+    0x33333333U, 0x51515151U, 0x5b5b5b5bU, 0xa6a6a6a6U,
+    0xdedededeU, 0x48484848U, 0xa8a8a8a8U, 0x99999999U,
+    0xdbdbdbdbU, 0x32323232U, 0xb7b7b7b7U, 0xfcfcfcfcU,
+    0xe3e3e3e3U, 0x9e9e9e9eU, 0x91919191U, 0x9b9b9b9bU,
+    0xe2e2e2e2U, 0xbbbbbbbbU, 0x41414141U, 0x6e6e6e6eU,
+    0xa5a5a5a5U, 0xcbcbcbcbU, 0x6b6b6b6bU, 0x95959595U,
+    0xa1a1a1a1U, 0xf3f3f3f3U, 0xb1b1b1b1U, 0x02020202U,
+    0xccccccccU, 0xc4c4c4c4U, 0x1d1d1d1dU, 0x14141414U,
+    0xc3c3c3c3U, 0x63636363U, 0xdadadadaU, 0x5d5d5d5dU,
+    0x5f5f5f5fU, 0xdcdcdcdcU, 0x7d7d7d7dU, 0xcdcdcdcdU,
+    0x7f7f7f7fU, 0x5a5a5a5aU, 0x6c6c6c6cU, 0x5c5c5c5cU,
+    0xf7f7f7f7U, 0x26262626U, 0xffffffffU, 0xededededU,
+    0xe8e8e8e8U, 0x9d9d9d9dU, 0x6f6f6f6fU, 0x8e8e8e8eU,
+    0x19191919U, 0xa0a0a0a0U, 0xf0f0f0f0U, 0x89898989U,
+    0x0f0f0f0fU, 0x07070707U, 0xafafafafU, 0xfbfbfbfbU,
+    0x08080808U, 0x15151515U, 0x0d0d0d0dU, 0x04040404U,
+    0x01010101U, 0x64646464U, 0xdfdfdfdfU, 0x76767676U,
+    0x79797979U, 0xddddddddU, 0x3d3d3d3dU, 0x16161616U,
+    0x3f3f3f3fU, 0x37373737U, 0x6d6d6d6dU, 0x38383838U,
+    0xb9b9b9b9U, 0x73737373U, 0xe9e9e9e9U, 0x35353535U,
+    0x55555555U, 0x71717171U, 0x7b7b7b7bU, 0x8c8c8c8cU,
+    0x72727272U, 0x88888888U, 0xf6f6f6f6U, 0x2a2a2a2aU,
+    0x3e3e3e3eU, 0x5e5e5e5eU, 0x27272727U, 0x46464646U,
+    0x0c0c0c0cU, 0x65656565U, 0x68686868U, 0x61616161U,
+    0x03030303U, 0xc1c1c1c1U, 0x57575757U, 0xd6d6d6d6U,
+    0xd9d9d9d9U, 0x58585858U, 0xd8d8d8d8U, 0x66666666U,
+    0xd7d7d7d7U, 0x3a3a3a3aU, 0xc8c8c8c8U, 0x3c3c3c3cU,
+    0xfafafafaU, 0x96969696U, 0xa7a7a7a7U, 0x98989898U,
+    0xececececU, 0xb8b8b8b8U, 0xc7c7c7c7U, 0xaeaeaeaeU,
+    0x69696969U, 0x4b4b4b4bU, 0xababababU, 0xa9a9a9a9U,
+    0x67676767U, 0x0a0a0a0aU, 0x47474747U, 0xf2f2f2f2U,
+    0xb5b5b5b5U, 0x22222222U, 0xe5e5e5e5U, 0xeeeeeeeeU,
+    0xbebebebeU, 0x2b2b2b2bU, 0x81818181U, 0x12121212U,
+    0x83838383U, 0x1b1b1b1bU, 0x0e0e0e0eU, 0x23232323U,
+    0xf5f5f5f5U, 0x45454545U, 0x21212121U, 0xcecececeU,
+    0x49494949U, 0x2c2c2c2cU, 0xf9f9f9f9U, 0xe6e6e6e6U,
+    0xb6b6b6b6U, 0x28282828U, 0x17171717U, 0x82828282U,
+    0x1a1a1a1aU, 0x8b8b8b8bU, 0xfefefefeU, 0x8a8a8a8aU,
+    0x09090909U, 0xc9c9c9c9U, 0x87878787U, 0x4e4e4e4eU,
+    0xe1e1e1e1U, 0x2e2e2e2eU, 0xe4e4e4e4U, 0xe0e0e0e0U,
+    0xebebebebU, 0x90909090U, 0xa4a4a4a4U, 0x1e1e1e1eU,
+    0x85858585U, 0x60606060U, 0x00000000U, 0x25252525U,
+    0xf4f4f4f4U, 0xf1f1f1f1U, 0x94949494U, 0x0b0b0b0bU,
+    0xe7e7e7e7U, 0x75757575U, 0xefefefefU, 0x34343434U,
+    0x31313131U, 0xd4d4d4d4U, 0xd0d0d0d0U, 0x86868686U,
+    0x7e7e7e7eU, 0xadadadadU, 0xfdfdfdfdU, 0x29292929U,
+    0x30303030U, 0x3b3b3b3bU, 0x9f9f9f9fU, 0xf8f8f8f8U,
+    0xc6c6c6c6U, 0x13131313U, 0x06060606U, 0x05050505U,
+    0xc5c5c5c5U, 0x11111111U, 0x77777777U, 0x7c7c7c7cU,
+    0x7a7a7a7aU, 0x78787878U, 0x36363636U, 0x1c1c1c1cU,
+    0x39393939U, 0x59595959U, 0x18181818U, 0x56565656U,
+    0xb3b3b3b3U, 0xb0b0b0b0U, 0x24242424U, 0x20202020U,
+    0xb2b2b2b2U, 0x92929292U, 0xa3a3a3a3U, 0xc0c0c0c0U,
+    0x44444444U, 0x62626262U, 0x10101010U, 0xb4b4b4b4U,
+    0x84848484U, 0x43434343U, 0x93939393U, 0xc2c2c2c2U,
+    0x4a4a4a4aU, 0xbdbdbdbdU, 0x8f8f8f8fU, 0x2d2d2d2dU,
+    0xbcbcbcbcU, 0x9c9c9c9cU, 0x6a6a6a6aU, 0x40404040U,
+    0xcfcfcfcfU, 0xa2a2a2a2U, 0x80808080U, 0x4f4f4f4fU,
+    0x1f1f1f1fU, 0xcacacacaU, 0xaaaaaaaaU, 0x42424242U,
+};
+
+static const ulong32 T5[256] = {
+    0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U,
+    0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U,
+    0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U,
+    0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U,
+    0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U,
+    0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U,
+    0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U,
+    0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U,
+    0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U,
+    0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U,
+    0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U,
+    0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U,
+    0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U,
+    0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U,
+    0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U,
+    0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U,
+    0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U,
+    0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U,
+    0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U,
+    0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U,
+    0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U,
+    0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U,
+    0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U,
+    0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U,
+    0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU,
+    0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU,
+    0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU,
+    0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU,
+    0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU,
+    0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU,
+    0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU,
+    0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU,
+    0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU,
+    0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU,
+    0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU,
+    0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU,
+    0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU,
+    0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU,
+    0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU,
+    0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU,
+    0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U,
+    0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U,
+    0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U,
+    0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U,
+    0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U,
+    0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U,
+    0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U,
+    0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U,
+    0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U,
+    0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U,
+    0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U,
+    0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U,
+    0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U,
+    0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U,
+    0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U,
+    0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U,
+    0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU,
+    0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU,
+    0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU,
+    0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU,
+    0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU,
+    0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU,
+    0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU,
+    0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU,
+};
+
+/**
+ * The round constants.
+ */
+static const ulong32 rc[] = {
+    0xba542f74U, 0x53d3d24dU, 0x50ac8dbfU, 0x70529a4cU,
+    0xead597d1U, 0x33515ba6U, 0xde48a899U, 0xdb32b7fcU,
+    0xe39e919bU, 0xe2bb416eU, 0xa5cb6b95U, 0xa1f3b102U,
+    0xccc41d14U, 0xc363da5dU, 0x5fdc7dcdU, 0x7f5a6c5cU,
+    0xf726ffedU, 0xe89d6f8eU, 0x19a0f089U,
+};
+
+
+
+#else
+
+
+static const ulong32 T0[256] = {
+    0xa753a6f5U, 0xd3bb6bd0U, 0xe6d1bf6eU, 0x71e2d93bU,
+    0xd0bd67daU, 0xac458acfU, 0x4d9a29b3U, 0x79f2f90bU,
+    0x3a74e89cU, 0xc98f038cU, 0x913f7e41U, 0xfce5d732U,
+    0x1e3c7844U, 0x478e018fU, 0x54a84de5U, 0xbd67cea9U,
+    0x8c050a0fU, 0xa557aef9U, 0x7af4f501U, 0xfbebcb20U,
+    0x63c69157U, 0xb86ddab7U, 0xdda753f4U, 0xd4b577c2U,
+    0xe5d7b364U, 0xb37bf68dU, 0xc59733a4U, 0xbe61c2a3U,
+    0xa94f9ed1U, 0x880d1a17U, 0x0c183028U, 0xa259b2ebU,
+    0x3972e496U, 0xdfa35bf8U, 0x2952a4f6U, 0xdaa94fe6U,
+    0x2b56acfaU, 0xa84d9ad7U, 0xcb8b0b80U, 0x4c982db5U,
+    0x4b9631a7U, 0x224488ccU, 0xaa4992dbU, 0x244890d8U,
+    0x4182199bU, 0x70e0dd3dU, 0xa651a2f3U, 0xf9efc32cU,
+    0x5ab475c1U, 0xe2d9af76U, 0xb07dfa87U, 0x366cd8b4U,
+    0x7dfae913U, 0xe4d5b762U, 0x3366ccaaU, 0xffe3db38U,
+    0x60c09d5dU, 0x204080c0U, 0x08102030U, 0x8b0b161dU,
+    0x5ebc65d9U, 0xab4b96ddU, 0x7ffee11fU, 0x78f0fd0dU,
+    0x7cf8ed15U, 0x2c58b0e8U, 0x57ae41efU, 0xd2b96fd6U,
+    0xdca557f2U, 0x6ddaa973U, 0x7efce519U, 0x0d1a342eU,
+    0x53a651f7U, 0x94356a5fU, 0xc39b2bb0U, 0x2850a0f0U,
+    0x274e9cd2U, 0x060c1814U, 0x5fbe61dfU, 0xad478ec9U,
+    0x67ce814fU, 0x5cb86dd5U, 0x55aa49e3U, 0x48903dadU,
+    0x0e1c3824U, 0x52a455f1U, 0xeac98f46U, 0x42841591U,
+    0x5bb671c7U, 0x5dba69d3U, 0x3060c0a0U, 0x58b07dcdU,
+    0x51a259fbU, 0x59b279cbU, 0x3c78f088U, 0x4e9c25b9U,
+    0x3870e090U, 0x8a09121bU, 0x72e4d531U, 0x14285078U,
+    0xe7d3bb68U, 0xc6913faeU, 0xdea15ffeU, 0x50a05dfdU,
+    0x8e010203U, 0x9239724bU, 0xd1bf63dcU, 0x77eec12fU,
+    0x933b764dU, 0x458a0983U, 0x9a29527bU, 0xce811f9eU,
+    0x2d5ab4eeU, 0x03060c0aU, 0x62c49551U, 0xb671e293U,
+    0xb96fdeb1U, 0xbf63c6a5U, 0x96316253U, 0x6bd6b167U,
+    0x3f7efc82U, 0x070e1c12U, 0x1224486cU, 0xae4182c3U,
+    0x40801d9dU, 0x3468d0b8U, 0x468c0589U, 0x3e7cf884U,
+    0xdbab4be0U, 0xcf831b98U, 0xecc59752U, 0xcc851792U,
+    0xc19f23bcU, 0xa15fbee1U, 0xc09d27baU, 0xd6b17fceU,
+    0x1d3a744eU, 0xf4f5f702U, 0x61c2995bU, 0x3b76ec9aU,
+    0x10204060U, 0xd8ad47eaU, 0x68d0bd6dU, 0xa05dbae7U,
+    0xb17ffe81U, 0x0a14283cU, 0x69d2b96bU, 0x6cd8ad75U,
+    0x499239abU, 0xfae9cf26U, 0x76ecc529U, 0xc49537a2U,
+    0x9e214263U, 0x9b2b567dU, 0x6edca579U, 0x992f5e71U,
+    0xc2992fb6U, 0xb773e695U, 0x982d5a77U, 0xbc65caafU,
+    0x8f030605U, 0x85172e39U, 0x1f3e7c42U, 0xb475ea9fU,
+    0xf8edc72aU, 0x11224466U, 0x2e5cb8e4U, 0x00000000U,
+    0x254a94deU, 0x1c387048U, 0x2a54a8fcU, 0x3d7af48eU,
+    0x050a141eU, 0x4f9e21bfU, 0x7bf6f107U, 0xb279f28bU,
+    0x3264c8acU, 0x903d7a47U, 0xaf4386c5U, 0x19326456U,
+    0xa35bb6edU, 0xf7f3fb08U, 0x73e6d137U, 0x9d274e69U,
+    0x152a547eU, 0x74e8cd25U, 0xeec19f5eU, 0xca890f86U,
+    0x9f234665U, 0x0f1e3c22U, 0x1b366c5aU, 0x75eac923U,
+    0x86112233U, 0x84152a3fU, 0x9c254a6fU, 0x4a9435a1U,
+    0x97336655U, 0x1a34685cU, 0x65ca8943U, 0xf6f1ff0eU,
+    0xedc79354U, 0x09122436U, 0xbb6bd6bdU, 0x264c98d4U,
+    0x831b362dU, 0xebcb8b40U, 0x6fdea17fU, 0x811f3e21U,
+    0x04081018U, 0x6ad4b561U, 0x43861197U, 0x01020406U,
+    0x172e5c72U, 0xe1dfa37cU, 0x87132635U, 0xf5f7f304U,
+    0x8d070e09U, 0xe3dbab70U, 0x23468ccaU, 0x801d3a27U,
+    0x44880d85U, 0x162c5874U, 0x66cc8549U, 0x214284c6U,
+    0xfee1df3eU, 0xd5b773c4U, 0x3162c4a6U, 0xd9af43ecU,
+    0x356ad4beU, 0x18306050U, 0x0204080cU, 0x64c88d45U,
+    0xf2f9ef16U, 0xf1ffe31cU, 0x56ac45e9U, 0xcd871394U,
+    0x8219322bU, 0xc88d078aU, 0xba69d2bbU, 0xf0fde71aU,
+    0xefc39b58U, 0xe9cf834cU, 0xe8cd874aU, 0xfde7d334U,
+    0x890f1e11U, 0xd7b37bc8U, 0xc7933ba8U, 0xb577ee99U,
+    0xa455aaffU, 0x2f5ebce2U, 0x95376e59U, 0x13264c6aU,
+    0x0b162c3aU, 0xf3fbeb10U, 0xe0dda77aU, 0x376edcb2U,
+};
+
+static const ulong32 T1[256] = {
+    0x53a7f5a6U, 0xbbd3d06bU, 0xd1e66ebfU, 0xe2713bd9U,
+    0xbdd0da67U, 0x45accf8aU, 0x9a4db329U, 0xf2790bf9U,
+    0x743a9ce8U, 0x8fc98c03U, 0x3f91417eU, 0xe5fc32d7U,
+    0x3c1e4478U, 0x8e478f01U, 0xa854e54dU, 0x67bda9ceU,
+    0x058c0f0aU, 0x57a5f9aeU, 0xf47a01f5U, 0xebfb20cbU,
+    0xc6635791U, 0x6db8b7daU, 0xa7ddf453U, 0xb5d4c277U,
+    0xd7e564b3U, 0x7bb38df6U, 0x97c5a433U, 0x61bea3c2U,
+    0x4fa9d19eU, 0x0d88171aU, 0x180c2830U, 0x59a2ebb2U,
+    0x723996e4U, 0xa3dff85bU, 0x5229f6a4U, 0xa9dae64fU,
+    0x562bfaacU, 0x4da8d79aU, 0x8bcb800bU, 0x984cb52dU,
+    0x964ba731U, 0x4422cc88U, 0x49aadb92U, 0x4824d890U,
+    0x82419b19U, 0xe0703dddU, 0x51a6f3a2U, 0xeff92cc3U,
+    0xb45ac175U, 0xd9e276afU, 0x7db087faU, 0x6c36b4d8U,
+    0xfa7d13e9U, 0xd5e462b7U, 0x6633aaccU, 0xe3ff38dbU,
+    0xc0605d9dU, 0x4020c080U, 0x10083020U, 0x0b8b1d16U,
+    0xbc5ed965U, 0x4babdd96U, 0xfe7f1fe1U, 0xf0780dfdU,
+    0xf87c15edU, 0x582ce8b0U, 0xae57ef41U, 0xb9d2d66fU,
+    0xa5dcf257U, 0xda6d73a9U, 0xfc7e19e5U, 0x1a0d2e34U,
+    0xa653f751U, 0x35945f6aU, 0x9bc3b02bU, 0x5028f0a0U,
+    0x4e27d29cU, 0x0c061418U, 0xbe5fdf61U, 0x47adc98eU,
+    0xce674f81U, 0xb85cd56dU, 0xaa55e349U, 0x9048ad3dU,
+    0x1c0e2438U, 0xa452f155U, 0xc9ea468fU, 0x84429115U,
+    0xb65bc771U, 0xba5dd369U, 0x6030a0c0U, 0xb058cd7dU,
+    0xa251fb59U, 0xb259cb79U, 0x783c88f0U, 0x9c4eb925U,
+    0x703890e0U, 0x098a1b12U, 0xe47231d5U, 0x28147850U,
+    0xd3e768bbU, 0x91c6ae3fU, 0xa1defe5fU, 0xa050fd5dU,
+    0x018e0302U, 0x39924b72U, 0xbfd1dc63U, 0xee772fc1U,
+    0x3b934d76U, 0x8a458309U, 0x299a7b52U, 0x81ce9e1fU,
+    0x5a2deeb4U, 0x06030a0cU, 0xc4625195U, 0x71b693e2U,
+    0x6fb9b1deU, 0x63bfa5c6U, 0x31965362U, 0xd66b67b1U,
+    0x7e3f82fcU, 0x0e07121cU, 0x24126c48U, 0x41aec382U,
+    0x80409d1dU, 0x6834b8d0U, 0x8c468905U, 0x7c3e84f8U,
+    0xabdbe04bU, 0x83cf981bU, 0xc5ec5297U, 0x85cc9217U,
+    0x9fc1bc23U, 0x5fa1e1beU, 0x9dc0ba27U, 0xb1d6ce7fU,
+    0x3a1d4e74U, 0xf5f402f7U, 0xc2615b99U, 0x763b9aecU,
+    0x20106040U, 0xadd8ea47U, 0xd0686dbdU, 0x5da0e7baU,
+    0x7fb181feU, 0x140a3c28U, 0xd2696bb9U, 0xd86c75adU,
+    0x9249ab39U, 0xe9fa26cfU, 0xec7629c5U, 0x95c4a237U,
+    0x219e6342U, 0x2b9b7d56U, 0xdc6e79a5U, 0x2f99715eU,
+    0x99c2b62fU, 0x73b795e6U, 0x2d98775aU, 0x65bcafcaU,
+    0x038f0506U, 0x1785392eU, 0x3e1f427cU, 0x75b49feaU,
+    0xedf82ac7U, 0x22116644U, 0x5c2ee4b8U, 0x00000000U,
+    0x4a25de94U, 0x381c4870U, 0x542afca8U, 0x7a3d8ef4U,
+    0x0a051e14U, 0x9e4fbf21U, 0xf67b07f1U, 0x79b28bf2U,
+    0x6432acc8U, 0x3d90477aU, 0x43afc586U, 0x32195664U,
+    0x5ba3edb6U, 0xf3f708fbU, 0xe67337d1U, 0x279d694eU,
+    0x2a157e54U, 0xe87425cdU, 0xc1ee5e9fU, 0x89ca860fU,
+    0x239f6546U, 0x1e0f223cU, 0x361b5a6cU, 0xea7523c9U,
+    0x11863322U, 0x15843f2aU, 0x259c6f4aU, 0x944aa135U,
+    0x33975566U, 0x341a5c68U, 0xca654389U, 0xf1f60effU,
+    0xc7ed5493U, 0x12093624U, 0x6bbbbdd6U, 0x4c26d498U,
+    0x1b832d36U, 0xcbeb408bU, 0xde6f7fa1U, 0x1f81213eU,
+    0x08041810U, 0xd46a61b5U, 0x86439711U, 0x02010604U,
+    0x2e17725cU, 0xdfe17ca3U, 0x13873526U, 0xf7f504f3U,
+    0x078d090eU, 0xdbe370abU, 0x4623ca8cU, 0x1d80273aU,
+    0x8844850dU, 0x2c167458U, 0xcc664985U, 0x4221c684U,
+    0xe1fe3edfU, 0xb7d5c473U, 0x6231a6c4U, 0xafd9ec43U,
+    0x6a35bed4U, 0x30185060U, 0x04020c08U, 0xc864458dU,
+    0xf9f216efU, 0xfff11ce3U, 0xac56e945U, 0x87cd9413U,
+    0x19822b32U, 0x8dc88a07U, 0x69babbd2U, 0xfdf01ae7U,
+    0xc3ef589bU, 0xcfe94c83U, 0xcde84a87U, 0xe7fd34d3U,
+    0x0f89111eU, 0xb3d7c87bU, 0x93c7a83bU, 0x77b599eeU,
+    0x55a4ffaaU, 0x5e2fe2bcU, 0x3795596eU, 0x26136a4cU,
+    0x160b3a2cU, 0xfbf310ebU, 0xdde07aa7U, 0x6e37b2dcU,
+};
+
+static const ulong32 T2[256] = {
+    0xa6f5a753U, 0x6bd0d3bbU, 0xbf6ee6d1U, 0xd93b71e2U,
+    0x67dad0bdU, 0x8acfac45U, 0x29b34d9aU, 0xf90b79f2U,
+    0xe89c3a74U, 0x038cc98fU, 0x7e41913fU, 0xd732fce5U,
+    0x78441e3cU, 0x018f478eU, 0x4de554a8U, 0xcea9bd67U,
+    0x0a0f8c05U, 0xaef9a557U, 0xf5017af4U, 0xcb20fbebU,
+    0x915763c6U, 0xdab7b86dU, 0x53f4dda7U, 0x77c2d4b5U,
+    0xb364e5d7U, 0xf68db37bU, 0x33a4c597U, 0xc2a3be61U,
+    0x9ed1a94fU, 0x1a17880dU, 0x30280c18U, 0xb2eba259U,
+    0xe4963972U, 0x5bf8dfa3U, 0xa4f62952U, 0x4fe6daa9U,
+    0xacfa2b56U, 0x9ad7a84dU, 0x0b80cb8bU, 0x2db54c98U,
+    0x31a74b96U, 0x88cc2244U, 0x92dbaa49U, 0x90d82448U,
+    0x199b4182U, 0xdd3d70e0U, 0xa2f3a651U, 0xc32cf9efU,
+    0x75c15ab4U, 0xaf76e2d9U, 0xfa87b07dU, 0xd8b4366cU,
+    0xe9137dfaU, 0xb762e4d5U, 0xccaa3366U, 0xdb38ffe3U,
+    0x9d5d60c0U, 0x80c02040U, 0x20300810U, 0x161d8b0bU,
+    0x65d95ebcU, 0x96ddab4bU, 0xe11f7ffeU, 0xfd0d78f0U,
+    0xed157cf8U, 0xb0e82c58U, 0x41ef57aeU, 0x6fd6d2b9U,
+    0x57f2dca5U, 0xa9736ddaU, 0xe5197efcU, 0x342e0d1aU,
+    0x51f753a6U, 0x6a5f9435U, 0x2bb0c39bU, 0xa0f02850U,
+    0x9cd2274eU, 0x1814060cU, 0x61df5fbeU, 0x8ec9ad47U,
+    0x814f67ceU, 0x6dd55cb8U, 0x49e355aaU, 0x3dad4890U,
+    0x38240e1cU, 0x55f152a4U, 0x8f46eac9U, 0x15914284U,
+    0x71c75bb6U, 0x69d35dbaU, 0xc0a03060U, 0x7dcd58b0U,
+    0x59fb51a2U, 0x79cb59b2U, 0xf0883c78U, 0x25b94e9cU,
+    0xe0903870U, 0x121b8a09U, 0xd53172e4U, 0x50781428U,
+    0xbb68e7d3U, 0x3faec691U, 0x5ffedea1U, 0x5dfd50a0U,
+    0x02038e01U, 0x724b9239U, 0x63dcd1bfU, 0xc12f77eeU,
+    0x764d933bU, 0x0983458aU, 0x527b9a29U, 0x1f9ece81U,
+    0xb4ee2d5aU, 0x0c0a0306U, 0x955162c4U, 0xe293b671U,
+    0xdeb1b96fU, 0xc6a5bf63U, 0x62539631U, 0xb1676bd6U,
+    0xfc823f7eU, 0x1c12070eU, 0x486c1224U, 0x82c3ae41U,
+    0x1d9d4080U, 0xd0b83468U, 0x0589468cU, 0xf8843e7cU,
+    0x4be0dbabU, 0x1b98cf83U, 0x9752ecc5U, 0x1792cc85U,
+    0x23bcc19fU, 0xbee1a15fU, 0x27bac09dU, 0x7fced6b1U,
+    0x744e1d3aU, 0xf702f4f5U, 0x995b61c2U, 0xec9a3b76U,
+    0x40601020U, 0x47ead8adU, 0xbd6d68d0U, 0xbae7a05dU,
+    0xfe81b17fU, 0x283c0a14U, 0xb96b69d2U, 0xad756cd8U,
+    0x39ab4992U, 0xcf26fae9U, 0xc52976ecU, 0x37a2c495U,
+    0x42639e21U, 0x567d9b2bU, 0xa5796edcU, 0x5e71992fU,
+    0x2fb6c299U, 0xe695b773U, 0x5a77982dU, 0xcaafbc65U,
+    0x06058f03U, 0x2e398517U, 0x7c421f3eU, 0xea9fb475U,
+    0xc72af8edU, 0x44661122U, 0xb8e42e5cU, 0x00000000U,
+    0x94de254aU, 0x70481c38U, 0xa8fc2a54U, 0xf48e3d7aU,
+    0x141e050aU, 0x21bf4f9eU, 0xf1077bf6U, 0xf28bb279U,
+    0xc8ac3264U, 0x7a47903dU, 0x86c5af43U, 0x64561932U,
+    0xb6eda35bU, 0xfb08f7f3U, 0xd13773e6U, 0x4e699d27U,
+    0x547e152aU, 0xcd2574e8U, 0x9f5eeec1U, 0x0f86ca89U,
+    0x46659f23U, 0x3c220f1eU, 0x6c5a1b36U, 0xc92375eaU,
+    0x22338611U, 0x2a3f8415U, 0x4a6f9c25U, 0x35a14a94U,
+    0x66559733U, 0x685c1a34U, 0x894365caU, 0xff0ef6f1U,
+    0x9354edc7U, 0x24360912U, 0xd6bdbb6bU, 0x98d4264cU,
+    0x362d831bU, 0x8b40ebcbU, 0xa17f6fdeU, 0x3e21811fU,
+    0x10180408U, 0xb5616ad4U, 0x11974386U, 0x04060102U,
+    0x5c72172eU, 0xa37ce1dfU, 0x26358713U, 0xf304f5f7U,
+    0x0e098d07U, 0xab70e3dbU, 0x8cca2346U, 0x3a27801dU,
+    0x0d854488U, 0x5874162cU, 0x854966ccU, 0x84c62142U,
+    0xdf3efee1U, 0x73c4d5b7U, 0xc4a63162U, 0x43ecd9afU,
+    0xd4be356aU, 0x60501830U, 0x080c0204U, 0x8d4564c8U,
+    0xef16f2f9U, 0xe31cf1ffU, 0x45e956acU, 0x1394cd87U,
+    0x322b8219U, 0x078ac88dU, 0xd2bbba69U, 0xe71af0fdU,
+    0x9b58efc3U, 0x834ce9cfU, 0x874ae8cdU, 0xd334fde7U,
+    0x1e11890fU, 0x7bc8d7b3U, 0x3ba8c793U, 0xee99b577U,
+    0xaaffa455U, 0xbce22f5eU, 0x6e599537U, 0x4c6a1326U,
+    0x2c3a0b16U, 0xeb10f3fbU, 0xa77ae0ddU, 0xdcb2376eU,
+};
+
+static const ulong32 T3[256] = {
+    0xf5a653a7U, 0xd06bbbd3U, 0x6ebfd1e6U, 0x3bd9e271U,
+    0xda67bdd0U, 0xcf8a45acU, 0xb3299a4dU, 0x0bf9f279U,
+    0x9ce8743aU, 0x8c038fc9U, 0x417e3f91U, 0x32d7e5fcU,
+    0x44783c1eU, 0x8f018e47U, 0xe54da854U, 0xa9ce67bdU,
+    0x0f0a058cU, 0xf9ae57a5U, 0x01f5f47aU, 0x20cbebfbU,
+    0x5791c663U, 0xb7da6db8U, 0xf453a7ddU, 0xc277b5d4U,
+    0x64b3d7e5U, 0x8df67bb3U, 0xa43397c5U, 0xa3c261beU,
+    0xd19e4fa9U, 0x171a0d88U, 0x2830180cU, 0xebb259a2U,
+    0x96e47239U, 0xf85ba3dfU, 0xf6a45229U, 0xe64fa9daU,
+    0xfaac562bU, 0xd79a4da8U, 0x800b8bcbU, 0xb52d984cU,
+    0xa731964bU, 0xcc884422U, 0xdb9249aaU, 0xd8904824U,
+    0x9b198241U, 0x3ddde070U, 0xf3a251a6U, 0x2cc3eff9U,
+    0xc175b45aU, 0x76afd9e2U, 0x87fa7db0U, 0xb4d86c36U,
+    0x13e9fa7dU, 0x62b7d5e4U, 0xaacc6633U, 0x38dbe3ffU,
+    0x5d9dc060U, 0xc0804020U, 0x30201008U, 0x1d160b8bU,
+    0xd965bc5eU, 0xdd964babU, 0x1fe1fe7fU, 0x0dfdf078U,
+    0x15edf87cU, 0xe8b0582cU, 0xef41ae57U, 0xd66fb9d2U,
+    0xf257a5dcU, 0x73a9da6dU, 0x19e5fc7eU, 0x2e341a0dU,
+    0xf751a653U, 0x5f6a3594U, 0xb02b9bc3U, 0xf0a05028U,
+    0xd29c4e27U, 0x14180c06U, 0xdf61be5fU, 0xc98e47adU,
+    0x4f81ce67U, 0xd56db85cU, 0xe349aa55U, 0xad3d9048U,
+    0x24381c0eU, 0xf155a452U, 0x468fc9eaU, 0x91158442U,
+    0xc771b65bU, 0xd369ba5dU, 0xa0c06030U, 0xcd7db058U,
+    0xfb59a251U, 0xcb79b259U, 0x88f0783cU, 0xb9259c4eU,
+    0x90e07038U, 0x1b12098aU, 0x31d5e472U, 0x78502814U,
+    0x68bbd3e7U, 0xae3f91c6U, 0xfe5fa1deU, 0xfd5da050U,
+    0x0302018eU, 0x4b723992U, 0xdc63bfd1U, 0x2fc1ee77U,
+    0x4d763b93U, 0x83098a45U, 0x7b52299aU, 0x9e1f81ceU,
+    0xeeb45a2dU, 0x0a0c0603U, 0x5195c462U, 0x93e271b6U,
+    0xb1de6fb9U, 0xa5c663bfU, 0x53623196U, 0x67b1d66bU,
+    0x82fc7e3fU, 0x121c0e07U, 0x6c482412U, 0xc38241aeU,
+    0x9d1d8040U, 0xb8d06834U, 0x89058c46U, 0x84f87c3eU,
+    0xe04babdbU, 0x981b83cfU, 0x5297c5ecU, 0x921785ccU,
+    0xbc239fc1U, 0xe1be5fa1U, 0xba279dc0U, 0xce7fb1d6U,
+    0x4e743a1dU, 0x02f7f5f4U, 0x5b99c261U, 0x9aec763bU,
+    0x60402010U, 0xea47add8U, 0x6dbdd068U, 0xe7ba5da0U,
+    0x81fe7fb1U, 0x3c28140aU, 0x6bb9d269U, 0x75add86cU,
+    0xab399249U, 0x26cfe9faU, 0x29c5ec76U, 0xa23795c4U,
+    0x6342219eU, 0x7d562b9bU, 0x79a5dc6eU, 0x715e2f99U,
+    0xb62f99c2U, 0x95e673b7U, 0x775a2d98U, 0xafca65bcU,
+    0x0506038fU, 0x392e1785U, 0x427c3e1fU, 0x9fea75b4U,
+    0x2ac7edf8U, 0x66442211U, 0xe4b85c2eU, 0x00000000U,
+    0xde944a25U, 0x4870381cU, 0xfca8542aU, 0x8ef47a3dU,
+    0x1e140a05U, 0xbf219e4fU, 0x07f1f67bU, 0x8bf279b2U,
+    0xacc86432U, 0x477a3d90U, 0xc58643afU, 0x56643219U,
+    0xedb65ba3U, 0x08fbf3f7U, 0x37d1e673U, 0x694e279dU,
+    0x7e542a15U, 0x25cde874U, 0x5e9fc1eeU, 0x860f89caU,
+    0x6546239fU, 0x223c1e0fU, 0x5a6c361bU, 0x23c9ea75U,
+    0x33221186U, 0x3f2a1584U, 0x6f4a259cU, 0xa135944aU,
+    0x55663397U, 0x5c68341aU, 0x4389ca65U, 0x0efff1f6U,
+    0x5493c7edU, 0x36241209U, 0xbdd66bbbU, 0xd4984c26U,
+    0x2d361b83U, 0x408bcbebU, 0x7fa1de6fU, 0x213e1f81U,
+    0x18100804U, 0x61b5d46aU, 0x97118643U, 0x06040201U,
+    0x725c2e17U, 0x7ca3dfe1U, 0x35261387U, 0x04f3f7f5U,
+    0x090e078dU, 0x70abdbe3U, 0xca8c4623U, 0x273a1d80U,
+    0x850d8844U, 0x74582c16U, 0x4985cc66U, 0xc6844221U,
+    0x3edfe1feU, 0xc473b7d5U, 0xa6c46231U, 0xec43afd9U,
+    0xbed46a35U, 0x50603018U, 0x0c080402U, 0x458dc864U,
+    0x16eff9f2U, 0x1ce3fff1U, 0xe945ac56U, 0x941387cdU,
+    0x2b321982U, 0x8a078dc8U, 0xbbd269baU, 0x1ae7fdf0U,
+    0x589bc3efU, 0x4c83cfe9U, 0x4a87cde8U, 0x34d3e7fdU,
+    0x111e0f89U, 0xc87bb3d7U, 0xa83b93c7U, 0x99ee77b5U,
+    0xffaa55a4U, 0xe2bc5e2fU, 0x596e3795U, 0x6a4c2613U,
+    0x3a2c160bU, 0x10ebfbf3U, 0x7aa7dde0U, 0xb2dc6e37U,
+};
+
+static const ulong32 T4[256] = {
+    0xa7a7a7a7U, 0xd3d3d3d3U, 0xe6e6e6e6U, 0x71717171U,
+    0xd0d0d0d0U, 0xacacacacU, 0x4d4d4d4dU, 0x79797979U,
+    0x3a3a3a3aU, 0xc9c9c9c9U, 0x91919191U, 0xfcfcfcfcU,
+    0x1e1e1e1eU, 0x47474747U, 0x54545454U, 0xbdbdbdbdU,
+    0x8c8c8c8cU, 0xa5a5a5a5U, 0x7a7a7a7aU, 0xfbfbfbfbU,
+    0x63636363U, 0xb8b8b8b8U, 0xddddddddU, 0xd4d4d4d4U,
+    0xe5e5e5e5U, 0xb3b3b3b3U, 0xc5c5c5c5U, 0xbebebebeU,
+    0xa9a9a9a9U, 0x88888888U, 0x0c0c0c0cU, 0xa2a2a2a2U,
+    0x39393939U, 0xdfdfdfdfU, 0x29292929U, 0xdadadadaU,
+    0x2b2b2b2bU, 0xa8a8a8a8U, 0xcbcbcbcbU, 0x4c4c4c4cU,
+    0x4b4b4b4bU, 0x22222222U, 0xaaaaaaaaU, 0x24242424U,
+    0x41414141U, 0x70707070U, 0xa6a6a6a6U, 0xf9f9f9f9U,
+    0x5a5a5a5aU, 0xe2e2e2e2U, 0xb0b0b0b0U, 0x36363636U,
+    0x7d7d7d7dU, 0xe4e4e4e4U, 0x33333333U, 0xffffffffU,
+    0x60606060U, 0x20202020U, 0x08080808U, 0x8b8b8b8bU,
+    0x5e5e5e5eU, 0xababababU, 0x7f7f7f7fU, 0x78787878U,
+    0x7c7c7c7cU, 0x2c2c2c2cU, 0x57575757U, 0xd2d2d2d2U,
+    0xdcdcdcdcU, 0x6d6d6d6dU, 0x7e7e7e7eU, 0x0d0d0d0dU,
+    0x53535353U, 0x94949494U, 0xc3c3c3c3U, 0x28282828U,
+    0x27272727U, 0x06060606U, 0x5f5f5f5fU, 0xadadadadU,
+    0x67676767U, 0x5c5c5c5cU, 0x55555555U, 0x48484848U,
+    0x0e0e0e0eU, 0x52525252U, 0xeaeaeaeaU, 0x42424242U,
+    0x5b5b5b5bU, 0x5d5d5d5dU, 0x30303030U, 0x58585858U,
+    0x51515151U, 0x59595959U, 0x3c3c3c3cU, 0x4e4e4e4eU,
+    0x38383838U, 0x8a8a8a8aU, 0x72727272U, 0x14141414U,
+    0xe7e7e7e7U, 0xc6c6c6c6U, 0xdedededeU, 0x50505050U,
+    0x8e8e8e8eU, 0x92929292U, 0xd1d1d1d1U, 0x77777777U,
+    0x93939393U, 0x45454545U, 0x9a9a9a9aU, 0xcecececeU,
+    0x2d2d2d2dU, 0x03030303U, 0x62626262U, 0xb6b6b6b6U,
+    0xb9b9b9b9U, 0xbfbfbfbfU, 0x96969696U, 0x6b6b6b6bU,
+    0x3f3f3f3fU, 0x07070707U, 0x12121212U, 0xaeaeaeaeU,
+    0x40404040U, 0x34343434U, 0x46464646U, 0x3e3e3e3eU,
+    0xdbdbdbdbU, 0xcfcfcfcfU, 0xececececU, 0xccccccccU,
+    0xc1c1c1c1U, 0xa1a1a1a1U, 0xc0c0c0c0U, 0xd6d6d6d6U,
+    0x1d1d1d1dU, 0xf4f4f4f4U, 0x61616161U, 0x3b3b3b3bU,
+    0x10101010U, 0xd8d8d8d8U, 0x68686868U, 0xa0a0a0a0U,
+    0xb1b1b1b1U, 0x0a0a0a0aU, 0x69696969U, 0x6c6c6c6cU,
+    0x49494949U, 0xfafafafaU, 0x76767676U, 0xc4c4c4c4U,
+    0x9e9e9e9eU, 0x9b9b9b9bU, 0x6e6e6e6eU, 0x99999999U,
+    0xc2c2c2c2U, 0xb7b7b7b7U, 0x98989898U, 0xbcbcbcbcU,
+    0x8f8f8f8fU, 0x85858585U, 0x1f1f1f1fU, 0xb4b4b4b4U,
+    0xf8f8f8f8U, 0x11111111U, 0x2e2e2e2eU, 0x00000000U,
+    0x25252525U, 0x1c1c1c1cU, 0x2a2a2a2aU, 0x3d3d3d3dU,
+    0x05050505U, 0x4f4f4f4fU, 0x7b7b7b7bU, 0xb2b2b2b2U,
+    0x32323232U, 0x90909090U, 0xafafafafU, 0x19191919U,
+    0xa3a3a3a3U, 0xf7f7f7f7U, 0x73737373U, 0x9d9d9d9dU,
+    0x15151515U, 0x74747474U, 0xeeeeeeeeU, 0xcacacacaU,
+    0x9f9f9f9fU, 0x0f0f0f0fU, 0x1b1b1b1bU, 0x75757575U,
+    0x86868686U, 0x84848484U, 0x9c9c9c9cU, 0x4a4a4a4aU,
+    0x97979797U, 0x1a1a1a1aU, 0x65656565U, 0xf6f6f6f6U,
+    0xededededU, 0x09090909U, 0xbbbbbbbbU, 0x26262626U,
+    0x83838383U, 0xebebebebU, 0x6f6f6f6fU, 0x81818181U,
+    0x04040404U, 0x6a6a6a6aU, 0x43434343U, 0x01010101U,
+    0x17171717U, 0xe1e1e1e1U, 0x87878787U, 0xf5f5f5f5U,
+    0x8d8d8d8dU, 0xe3e3e3e3U, 0x23232323U, 0x80808080U,
+    0x44444444U, 0x16161616U, 0x66666666U, 0x21212121U,
+    0xfefefefeU, 0xd5d5d5d5U, 0x31313131U, 0xd9d9d9d9U,
+    0x35353535U, 0x18181818U, 0x02020202U, 0x64646464U,
+    0xf2f2f2f2U, 0xf1f1f1f1U, 0x56565656U, 0xcdcdcdcdU,
+    0x82828282U, 0xc8c8c8c8U, 0xbabababaU, 0xf0f0f0f0U,
+    0xefefefefU, 0xe9e9e9e9U, 0xe8e8e8e8U, 0xfdfdfdfdU,
+    0x89898989U, 0xd7d7d7d7U, 0xc7c7c7c7U, 0xb5b5b5b5U,
+    0xa4a4a4a4U, 0x2f2f2f2fU, 0x95959595U, 0x13131313U,
+    0x0b0b0b0bU, 0xf3f3f3f3U, 0xe0e0e0e0U, 0x37373737U,
+};
+
+static const ulong32 T5[256] = {
+    0x00000000U, 0x01020608U, 0x02040c10U, 0x03060a18U,
+    0x04081820U, 0x050a1e28U, 0x060c1430U, 0x070e1238U,
+    0x08103040U, 0x09123648U, 0x0a143c50U, 0x0b163a58U,
+    0x0c182860U, 0x0d1a2e68U, 0x0e1c2470U, 0x0f1e2278U,
+    0x10206080U, 0x11226688U, 0x12246c90U, 0x13266a98U,
+    0x142878a0U, 0x152a7ea8U, 0x162c74b0U, 0x172e72b8U,
+    0x183050c0U, 0x193256c8U, 0x1a345cd0U, 0x1b365ad8U,
+    0x1c3848e0U, 0x1d3a4ee8U, 0x1e3c44f0U, 0x1f3e42f8U,
+    0x2040c01dU, 0x2142c615U, 0x2244cc0dU, 0x2346ca05U,
+    0x2448d83dU, 0x254ade35U, 0x264cd42dU, 0x274ed225U,
+    0x2850f05dU, 0x2952f655U, 0x2a54fc4dU, 0x2b56fa45U,
+    0x2c58e87dU, 0x2d5aee75U, 0x2e5ce46dU, 0x2f5ee265U,
+    0x3060a09dU, 0x3162a695U, 0x3264ac8dU, 0x3366aa85U,
+    0x3468b8bdU, 0x356abeb5U, 0x366cb4adU, 0x376eb2a5U,
+    0x387090ddU, 0x397296d5U, 0x3a749ccdU, 0x3b769ac5U,
+    0x3c7888fdU, 0x3d7a8ef5U, 0x3e7c84edU, 0x3f7e82e5U,
+    0x40809d3aU, 0x41829b32U, 0x4284912aU, 0x43869722U,
+    0x4488851aU, 0x458a8312U, 0x468c890aU, 0x478e8f02U,
+    0x4890ad7aU, 0x4992ab72U, 0x4a94a16aU, 0x4b96a762U,
+    0x4c98b55aU, 0x4d9ab352U, 0x4e9cb94aU, 0x4f9ebf42U,
+    0x50a0fdbaU, 0x51a2fbb2U, 0x52a4f1aaU, 0x53a6f7a2U,
+    0x54a8e59aU, 0x55aae392U, 0x56ace98aU, 0x57aeef82U,
+    0x58b0cdfaU, 0x59b2cbf2U, 0x5ab4c1eaU, 0x5bb6c7e2U,
+    0x5cb8d5daU, 0x5dbad3d2U, 0x5ebcd9caU, 0x5fbedfc2U,
+    0x60c05d27U, 0x61c25b2fU, 0x62c45137U, 0x63c6573fU,
+    0x64c84507U, 0x65ca430fU, 0x66cc4917U, 0x67ce4f1fU,
+    0x68d06d67U, 0x69d26b6fU, 0x6ad46177U, 0x6bd6677fU,
+    0x6cd87547U, 0x6dda734fU, 0x6edc7957U, 0x6fde7f5fU,
+    0x70e03da7U, 0x71e23bafU, 0x72e431b7U, 0x73e637bfU,
+    0x74e82587U, 0x75ea238fU, 0x76ec2997U, 0x77ee2f9fU,
+    0x78f00de7U, 0x79f20befU, 0x7af401f7U, 0x7bf607ffU,
+    0x7cf815c7U, 0x7dfa13cfU, 0x7efc19d7U, 0x7ffe1fdfU,
+    0x801d2774U, 0x811f217cU, 0x82192b64U, 0x831b2d6cU,
+    0x84153f54U, 0x8517395cU, 0x86113344U, 0x8713354cU,
+    0x880d1734U, 0x890f113cU, 0x8a091b24U, 0x8b0b1d2cU,
+    0x8c050f14U, 0x8d07091cU, 0x8e010304U, 0x8f03050cU,
+    0x903d47f4U, 0x913f41fcU, 0x92394be4U, 0x933b4decU,
+    0x94355fd4U, 0x953759dcU, 0x963153c4U, 0x973355ccU,
+    0x982d77b4U, 0x992f71bcU, 0x9a297ba4U, 0x9b2b7dacU,
+    0x9c256f94U, 0x9d27699cU, 0x9e216384U, 0x9f23658cU,
+    0xa05de769U, 0xa15fe161U, 0xa259eb79U, 0xa35bed71U,
+    0xa455ff49U, 0xa557f941U, 0xa651f359U, 0xa753f551U,
+    0xa84dd729U, 0xa94fd121U, 0xaa49db39U, 0xab4bdd31U,
+    0xac45cf09U, 0xad47c901U, 0xae41c319U, 0xaf43c511U,
+    0xb07d87e9U, 0xb17f81e1U, 0xb2798bf9U, 0xb37b8df1U,
+    0xb4759fc9U, 0xb57799c1U, 0xb67193d9U, 0xb77395d1U,
+    0xb86db7a9U, 0xb96fb1a1U, 0xba69bbb9U, 0xbb6bbdb1U,
+    0xbc65af89U, 0xbd67a981U, 0xbe61a399U, 0xbf63a591U,
+    0xc09dba4eU, 0xc19fbc46U, 0xc299b65eU, 0xc39bb056U,
+    0xc495a26eU, 0xc597a466U, 0xc691ae7eU, 0xc793a876U,
+    0xc88d8a0eU, 0xc98f8c06U, 0xca89861eU, 0xcb8b8016U,
+    0xcc85922eU, 0xcd879426U, 0xce819e3eU, 0xcf839836U,
+    0xd0bddaceU, 0xd1bfdcc6U, 0xd2b9d6deU, 0xd3bbd0d6U,
+    0xd4b5c2eeU, 0xd5b7c4e6U, 0xd6b1cefeU, 0xd7b3c8f6U,
+    0xd8adea8eU, 0xd9afec86U, 0xdaa9e69eU, 0xdbabe096U,
+    0xdca5f2aeU, 0xdda7f4a6U, 0xdea1febeU, 0xdfa3f8b6U,
+    0xe0dd7a53U, 0xe1df7c5bU, 0xe2d97643U, 0xe3db704bU,
+    0xe4d56273U, 0xe5d7647bU, 0xe6d16e63U, 0xe7d3686bU,
+    0xe8cd4a13U, 0xe9cf4c1bU, 0xeac94603U, 0xebcb400bU,
+    0xecc55233U, 0xedc7543bU, 0xeec15e23U, 0xefc3582bU,
+    0xf0fd1ad3U, 0xf1ff1cdbU, 0xf2f916c3U, 0xf3fb10cbU,
+    0xf4f502f3U, 0xf5f704fbU, 0xf6f10ee3U, 0xf7f308ebU,
+    0xf8ed2a93U, 0xf9ef2c9bU, 0xfae92683U, 0xfbeb208bU,
+    0xfce532b3U, 0xfde734bbU, 0xfee13ea3U, 0xffe338abU,
+};
+
+/**
+ * The round constants.
+ */
+static const ulong32 rc[] = {
+   0xa7d3e671U, 0xd0ac4d79U, 0x3ac991fcU, 0x1e4754bdU,
+   0x8ca57afbU, 0x63b8ddd4U, 0xe5b3c5beU, 0xa9880ca2U,
+   0x39df29daU, 0x2ba8cb4cU, 0x4b22aa24U, 0x4170a6f9U,
+   0x5ae2b036U, 0x7de433ffU, 0x6020088bU, 0x5eab7f78U,
+   0x7c2c57d2U, 0xdc6d7e0dU, 0x5394c328U,
+};
+
+#endif
+
+ /**
+    Initialize the Anubis block cipher
+    @param key The symmetric key you wish to pass
+    @param keylen The key length in bytes
+    @param num_rounds The number of rounds desired (0 for default)
+    @param skey The key in as scheduled by this function.
+    @return CRYPT_OK if successful
+ */
+#ifdef LTC_CLEAN_STACK
+static int _anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
+#else
+int  anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
+#endif
+{
+   int N, R, i, pos, r;
+   ulong32 kappa[MAX_N];
+   ulong32 inter[MAX_N];
+   ulong32 v, K0, K1, K2, K3;
+
+   LTC_ARGCHK(key  != NULL);
+   LTC_ARGCHK(skey != NULL);
+
+   /* Valid sizes (in bytes) are 16, 20, 24, 28, 32, 36, and 40. */
+   if ((keylen & 3) || (keylen < 16) || (keylen > 40)) {
+      return CRYPT_INVALID_KEYSIZE;
+   }
+   skey->anubis.keyBits = keylen*8;
+
+   /*
+    * determine the N length parameter:
+    * (N.B. it is assumed that the key length is valid!)
+    */
+   N = skey->anubis.keyBits >> 5;
+
+   /*
+    * determine number of rounds from key size:
+    */
+   skey->anubis.R = R = 8 + N;
+
+   if (num_rounds != 0 && num_rounds != skey->anubis.R) {
+      return CRYPT_INVALID_ROUNDS;
+   }
+
+    /*
+    * map cipher key to initial key state (mu):
+    */
+    for (i = 0, pos = 0; i < N; i++, pos += 4) {
+      kappa[i] =
+         (key[pos    ] << 24) ^
+         (key[pos + 1] << 16) ^
+         (key[pos + 2] <<  8) ^
+         (key[pos + 3]      );
+    }
+
+   /*
+    * generate R + 1 round keys:
+    */
+   for (r = 0; r <= R; r++) {
+      /*
+       * generate r-th round key K^r:
+       */
+      K0 = T4[(kappa[N - 1] >> 24) & 0xff];
+      K1 = T4[(kappa[N - 1] >> 16) & 0xff];
+      K2 = T4[(kappa[N - 1] >>  8) & 0xff];
+      K3 = T4[(kappa[N - 1]      ) & 0xff];
+      for (i = N - 2; i >= 0; i--) {
+         K0 = T4[(kappa[i] >> 24)  & 0xff] ^
+            (T5[(K0 >> 24) & 0xff] & 0xff000000U) ^
+            (T5[(K0 >> 16) & 0xff] & 0x00ff0000U) ^
+            (T5[(K0 >>  8) & 0xff] & 0x0000ff00U) ^
+            (T5[(K0      ) & 0xff] & 0x000000ffU);
+         K1 = T4[(kappa[i] >> 16) & 0xff] ^
+            (T5[(K1 >> 24) & 0xff] & 0xff000000U) ^
+            (T5[(K1 >> 16) & 0xff] & 0x00ff0000U) ^
+            (T5[(K1 >>  8) & 0xff] & 0x0000ff00U) ^
+            (T5[(K1      ) & 0xff] & 0x000000ffU);
+         K2 = T4[(kappa[i] >>  8) & 0xff] ^
+            (T5[(K2 >> 24) & 0xff] & 0xff000000U) ^
+            (T5[(K2 >> 16) & 0xff] & 0x00ff0000U) ^
+            (T5[(K2 >>  8) & 0xff] & 0x0000ff00U) ^
+            (T5[(K2      ) & 0xff] & 0x000000ffU);
+         K3 = T4[(kappa[i]      ) & 0xff] ^
+            (T5[(K3 >> 24) & 0xff] & 0xff000000U) ^
+            (T5[(K3 >> 16) & 0xff] & 0x00ff0000U) ^
+            (T5[(K3 >>  8) & 0xff] & 0x0000ff00U) ^
+            (T5[(K3      ) & 0xff] & 0x000000ffU);
+      }
+      /*
+      -- this is the code to use with the large U tables:
+      K0 = K1 = K2 = K3 = 0;
+      for (i = 0; i < N; i++) {
+         K0 ^= U[i][(kappa[i] >> 24) & 0xff];
+         K1 ^= U[i][(kappa[i] >> 16) & 0xff];
+         K2 ^= U[i][(kappa[i] >>  8) & 0xff];
+         K3 ^= U[i][(kappa[i]      ) & 0xff];
+      }
+      */
+      skey->anubis.roundKeyEnc[r][0] = K0;
+      skey->anubis.roundKeyEnc[r][1] = K1;
+      skey->anubis.roundKeyEnc[r][2] = K2;
+      skey->anubis.roundKeyEnc[r][3] = K3;
+
+      /*
+       * compute kappa^{r+1} from kappa^r:
+       */
+      if (r == R) {
+         break;
+      }
+      for (i = 0; i < N; i++) {
+         int j = i;
+         inter[i]  = T0[(kappa[j--] >> 24) & 0xff]; if (j < 0) j = N - 1;
+         inter[i] ^= T1[(kappa[j--] >> 16) & 0xff]; if (j < 0) j = N - 1;
+         inter[i] ^= T2[(kappa[j--] >>  8) & 0xff]; if (j < 0) j = N - 1;
+         inter[i] ^= T3[(kappa[j  ]      ) & 0xff];
+      }
+      kappa[0] = inter[0] ^ rc[r];
+      for (i = 1; i < N; i++) {
+         kappa[i] = inter[i];
+      }
+   }
+
+   /*
+    * generate inverse key schedule: K'^0 = K^R, K'^R = K^0, K'^r = theta(K^{R-r}):
+    */
+   for (i = 0; i < 4; i++) {
+      skey->anubis.roundKeyDec[0][i] = skey->anubis.roundKeyEnc[R][i];
+      skey->anubis.roundKeyDec[R][i] = skey->anubis.roundKeyEnc[0][i];
+   }
+   for (r = 1; r < R; r++) {
+      for (i = 0; i < 4; i++) {
+         v = skey->anubis.roundKeyEnc[R - r][i];
+         skey->anubis.roundKeyDec[r][i] =
+            T0[T4[(v >> 24) & 0xff] & 0xff] ^
+            T1[T4[(v >> 16) & 0xff] & 0xff] ^
+            T2[T4[(v >>  8) & 0xff] & 0xff] ^
+            T3[T4[(v      ) & 0xff] & 0xff];
+      }
+   }
+
+   return CRYPT_OK;
+}
+
+#ifdef LTC_CLEAN_STACK
+int  anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
+{
+  int err;
+  err = _anubis_setup(key, keylen, num_rounds, skey);
+  burn_stack(sizeof(int) * 5 + sizeof(ulong32) * (MAX_N + MAX_N + 5));
+  return err;
+}
+#endif
+  
+
+static void anubis_crypt(const unsigned char *plaintext, unsigned char *ciphertext,
+                         ulong32 roundKey[18 + 1][4], int R) {
+   int i, pos, r;
+   ulong32 state[4];
+   ulong32 inter[4];
+
+    /*
+    * map plaintext block to cipher state (mu)
+    * and add initial round key (sigma[K^0]):
+    */
+    for (i = 0, pos = 0; i < 4; i++, pos += 4) {
+      state[i] =
+         (plaintext[pos    ] << 24) ^
+         (plaintext[pos + 1] << 16) ^
+         (plaintext[pos + 2] <<  8) ^
+         (plaintext[pos + 3]      ) ^
+         roundKey[0][i];
+    }
+
+    /*
+     * R - 1 full rounds:
+     */
+    for (r = 1; r < R; r++) {
+      inter[0] =
+         T0[(state[0] >> 24) & 0xff] ^
+         T1[(state[1] >> 24) & 0xff] ^
+         T2[(state[2] >> 24) & 0xff] ^
+         T3[(state[3] >> 24) & 0xff] ^
+         roundKey[r][0];
+      inter[1] =
+         T0[(state[0] >> 16) & 0xff] ^
+         T1[(state[1] >> 16) & 0xff] ^
+         T2[(state[2] >> 16) & 0xff] ^
+         T3[(state[3] >> 16) & 0xff] ^
+         roundKey[r][1];
+      inter[2] =
+         T0[(state[0] >>  8) & 0xff] ^
+         T1[(state[1] >>  8) & 0xff] ^
+         T2[(state[2] >>  8) & 0xff] ^
+         T3[(state[3] >>  8) & 0xff] ^
+         roundKey[r][2];
+      inter[3] =
+         T0[(state[0]      ) & 0xff] ^
+         T1[(state[1]      ) & 0xff] ^
+         T2[(state[2]      ) & 0xff] ^
+         T3[(state[3]      ) & 0xff] ^
+         roundKey[r][3];
+      state[0] = inter[0];
+      state[1] = inter[1];
+      state[2] = inter[2];
+      state[3] = inter[3];
+    }
+
+    /*
+    * last round:
+    */
+   inter[0] =
+      (T0[(state[0] >> 24) & 0xff] & 0xff000000U) ^
+      (T1[(state[1] >> 24) & 0xff] & 0x00ff0000U) ^
+      (T2[(state[2] >> 24) & 0xff] & 0x0000ff00U) ^
+      (T3[(state[3] >> 24) & 0xff] & 0x000000ffU) ^
+      roundKey[R][0];
+   inter[1] =
+      (T0[(state[0] >> 16) & 0xff] & 0xff000000U) ^
+      (T1[(state[1] >> 16) & 0xff] & 0x00ff0000U) ^
+      (T2[(state[2] >> 16) & 0xff] & 0x0000ff00U) ^
+      (T3[(state[3] >> 16) & 0xff] & 0x000000ffU) ^
+      roundKey[R][1];
+   inter[2] =
+      (T0[(state[0] >>  8) & 0xff] & 0xff000000U) ^
+      (T1[(state[1] >>  8) & 0xff] & 0x00ff0000U) ^
+      (T2[(state[2] >>  8) & 0xff] & 0x0000ff00U) ^
+      (T3[(state[3] >>  8) & 0xff] & 0x000000ffU) ^
+      roundKey[R][2];
+   inter[3] =
+      (T0[(state[0]      ) & 0xff] & 0xff000000U) ^
+      (T1[(state[1]      ) & 0xff] & 0x00ff0000U) ^
+      (T2[(state[2]      ) & 0xff] & 0x0000ff00U) ^
+      (T3[(state[3]      ) & 0xff] & 0x000000ffU) ^
+      roundKey[R][3];
+
+   /*
+    * map cipher state to ciphertext block (mu^{-1}):
+    */
+    for (i = 0, pos = 0; i < 4; i++, pos += 4) {
+        ulong32 w = inter[i];
+        ciphertext[pos    ] = (unsigned char)(w >> 24);
+        ciphertext[pos + 1] = (unsigned char)(w >> 16);
+        ciphertext[pos + 2] = (unsigned char)(w >>  8);
+        ciphertext[pos + 3] = (unsigned char)(w      );
+    }
+}
+
+/**
+  Encrypts a block of text with Anubis
+  @param pt The input plaintext (16 bytes)
+  @param ct The output ciphertext (16 bytes)
+  @param skey The key as scheduled
+  @return CRYPT_OK if successful
+*/
+int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+{
+   LTC_ARGCHK(pt   != NULL);
+   LTC_ARGCHK(ct   != NULL);
+   LTC_ARGCHK(skey != NULL);
+   anubis_crypt(pt, ct, skey->anubis.roundKeyEnc, skey->anubis.R);
+   return CRYPT_OK;
+}
+
+/**
+  Decrypts a block of text with Anubis
+  @param ct The input ciphertext (16 bytes)
+  @param pt The output plaintext (16 bytes)
+  @param skey The key as scheduled 
+  @return CRYPT_OK if successful
+*/
+int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+{
+   LTC_ARGCHK(pt   != NULL);
+   LTC_ARGCHK(ct   != NULL);
+   LTC_ARGCHK(skey != NULL);
+   anubis_crypt(ct, pt, skey->anubis.roundKeyDec, skey->anubis.R);
+   return CRYPT_OK;
+}
+
+/**
+  Performs a self-test of the Anubis block cipher
+  @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled
+*/
+int anubis_test(void)
+{
+#if !defined(LTC_TEST)
+  return CRYPT_NOP;
+#else
+  static const struct test {
+     int keylen;
+     unsigned char pt[16], ct[16], key[40];
+  } tests[] = {
+#ifndef ANUBIS_TWEAK
+  /**** ORIGINAL ANUBIS ****/
+  /* 128 bit keys */
+{
+   16,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xF0, 0x68, 0x60, 0xFC, 0x67, 0x30, 0xE8, 0x18, 
+     0xF1, 0x32, 0xC7, 0x8A, 0xF4, 0x13, 0x2A, 0xFE },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+}, {
+   16,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xA8, 0x66, 0x84, 0x80, 0x07, 0x74, 0x5C, 0x89, 
+     0xFC, 0x5E, 0xB5, 0xBA, 0xD4, 0xFE, 0x32, 0x6D },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
+},
+
+   /* 160-bit keys */
+{
+   20,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xBD, 0x5E, 0x32, 0xBE, 0x51, 0x67, 0xA8, 0xE2,
+     0x72, 0xD7, 0x95, 0x0F, 0x83, 0xC6, 0x8C, 0x31 },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 }
+}, {
+   20,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x4C, 0x1F, 0x86, 0x2E, 0x11, 0xEB, 0xCE, 0xEB,
+     0xFE, 0xB9, 0x73, 0xC9, 0xDF, 0xEF, 0x7A, 0xDB },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 192-bit keys */
+{
+   24,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x17, 0xAC, 0x57, 0x44, 0x9D, 0x59, 0x61, 0x66, 
+     0xD0, 0xC7, 0x9E, 0x04, 0x7C, 0xC7, 0x58, 0xF0 },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+}, {
+   24,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x71, 0x52, 0xB4, 0xEB, 0x1D, 0xAA, 0x36, 0xFD, 
+     0x57, 0x14, 0x5F, 0x57, 0x04, 0x9F, 0x70, 0x74 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 224-bit keys */
+{
+   28,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xA2, 0xF0, 0xA6, 0xB9, 0x17, 0x93, 0x2A, 0x3B, 
+     0xEF, 0x08, 0xE8, 0x7A, 0x58, 0xD6, 0xF8, 0x53 },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 }
+}, {
+   28,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xF0, 0xCA, 0xFC, 0x78, 0x8B, 0x4B, 0x4E, 0x53, 
+     0x8B, 0xC4, 0x32, 0x6A, 0xF5, 0xB9, 0x1B, 0x5F },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 256-bit keys */
+{
+   32,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xE0, 0x86, 0xAC, 0x45, 0x6B, 0x3C, 0xE5, 0x13, 
+     0xED, 0xF5, 0xDF, 0xDD, 0xD6, 0x3B, 0x71, 0x93 },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+}, {
+   32,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x50, 0x01, 0xB9, 0xF5, 0x21, 0xC1, 0xC1, 0x29, 
+     0x00, 0xD5, 0xEC, 0x98, 0x2B, 0x9E, 0xE8, 0x21 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 288-bit keys */
+{
+   36,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xE8, 0xF4, 0xAF, 0x2B, 0x21, 0xA0, 0x87, 0x9B, 
+     0x41, 0x95, 0xB9, 0x71, 0x75, 0x79, 0x04, 0x7C },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 }
+}, {
+   36,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xE6, 0xA6, 0xA5, 0xBC, 0x8B, 0x63, 0x6F, 0xE2, 
+     0xBD, 0xA7, 0xA7, 0x53, 0xAB, 0x40, 0x22, 0xE0 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 320-bit keys */
+{
+   40,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x17, 0x04, 0xD7, 0x2C, 0xC6, 0x85, 0x76, 0x02, 
+     0x4B, 0xCC, 0x39, 0x80, 0xD8, 0x22, 0xEA, 0xA4 },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+}, {
+   40,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x7A, 0x41, 0xE6, 0x7D, 0x4F, 0xD8, 0x64, 0xF0, 
+     0x44, 0xA8, 0x3C, 0x73, 0x81, 0x7E, 0x53, 0xD8 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
+}
+#else
+  /**** Tweaked ANUBIS ****/
+  /* 128 bit keys */
+{
+   16,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xB8, 0x35, 0xBD, 0xC3, 0x34, 0x82, 0x9D, 0x83,
+     0x71, 0xBF, 0xA3, 0x71, 0xE4, 0xB3, 0xC4, 0xFD },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+}, {
+   16,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xE6, 0x14, 0x1E, 0xAF, 0xEB, 0xE0, 0x59, 0x3C,
+     0x48, 0xE1, 0xCD, 0xF2, 0x1B, 0xBA, 0xA1, 0x89 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
+},
+
+   /* 160-bit keys */
+{
+   20,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x97, 0x59, 0x79, 0x4B, 0x5C, 0xA0, 0x70, 0x73,
+     0x24, 0xEF, 0xB3, 0x58, 0x67, 0xCA, 0xD4, 0xB3 },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 }
+}, {
+   20,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xB8, 0x0D, 0xFB, 0x9B, 0xE4, 0xA1, 0x58, 0x87,
+     0xB3, 0x76, 0xD5, 0x02, 0x18, 0x95, 0xC1, 0x2E },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 192-bit keys */
+{
+   24,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x7D, 0x62, 0x3B, 0x52, 0xC7, 0x4C, 0x64, 0xD8,
+     0xEB, 0xC7, 0x2D, 0x57, 0x97, 0x85, 0x43, 0x8F },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+}, {
+   24,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xB1, 0x0A, 0x59, 0xDD, 0x5D, 0x5D, 0x8D, 0x67,
+     0xEC, 0xEE, 0x4A, 0xC4, 0xBE, 0x4F, 0xA8, 0x4F },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 224-bit keys */
+{
+   28,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x68, 0x9E, 0x05, 0x94, 0x6A, 0x94, 0x43, 0x8F,
+     0xE7, 0x8E, 0x37, 0x3D, 0x24, 0x97, 0x92, 0xF5 },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 }
+}, {
+   28,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xDD, 0xB7, 0xB0, 0xB4, 0xE9, 0xB4, 0x9B, 0x9C,
+     0x38, 0x20, 0x25, 0x0B, 0x47, 0xC2, 0x1F, 0x89 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 256-bit keys */
+{
+   32,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x96, 0x00, 0xF0, 0x76, 0x91, 0x69, 0x29, 0x87,
+     0xF5, 0xE5, 0x97, 0xDB, 0xDB, 0xAF, 0x1B, 0x0A },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+}, {
+   32,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x69, 0x9C, 0xAF, 0xDD, 0x94, 0xC7, 0xBC, 0x60,
+     0x44, 0xFE, 0x02, 0x05, 0x8A, 0x6E, 0xEF, 0xBD },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 288-bit keys */
+{
+   36,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x0F, 0xC7, 0xA2, 0xC0, 0x11, 0x17, 0xAC, 0x43,
+     0x52, 0x5E, 0xDF, 0x6C, 0xF3, 0x96, 0x33, 0x6C },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00 }
+}, {
+   36,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xAD, 0x08, 0x4F, 0xED, 0x55, 0xA6, 0x94, 0x3E,
+     0x7E, 0x5E, 0xED, 0x05, 0xA1, 0x9D, 0x41, 0xB4 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x01 }
+},
+
+  /* 320-bit keys */
+{
+   40,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xFE, 0xE2, 0x0E, 0x2A, 0x9D, 0xC5, 0x83, 0xBA,
+     0xA3, 0xA6, 0xD6, 0xA6, 0xF2, 0xE8, 0x06, 0xA5 },
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+}, {
+   40,
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x86, 0x3D, 0xCC, 0x4A, 0x60, 0x34, 0x9C, 0x28,
+     0xA7, 0xDA, 0xA4, 0x3B, 0x0A, 0xD7, 0xFD, 0xC7 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }
+}
+#endif
+};
+   int x, y;
+   unsigned char buf[2][16];
+   symmetric_key skey;
+
+   for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+       anubis_setup(tests[x].key, tests[x].keylen, 0, &skey);
+       anubis_ecb_encrypt(tests[x].pt, buf[0], &skey);
+       anubis_ecb_decrypt(buf[0], buf[1], &skey);
+       if (XMEMCMP(buf[0], tests[x].ct, 16) || XMEMCMP(buf[1], tests[x].pt, 16)) {
+          return CRYPT_FAIL_TESTVECTOR;
+       }
+
+       for (y = 0; y < 1000; y++) anubis_ecb_encrypt(buf[0], buf[0], &skey);
+       for (y = 0; y < 1000; y++) anubis_ecb_decrypt(buf[0], buf[0], &skey);
+       if (XMEMCMP(buf[0], tests[x].ct, 16)) {
+          return CRYPT_FAIL_TESTVECTOR;
+       }
+
+   }
+   return CRYPT_OK;
+#endif
+}
+
+/** Terminate the context 
+   @param skey    The scheduled key
+*/
+void anubis_done(symmetric_key *skey)
+{
+}
+
+/**
+  Gets suitable key size
+  @param keysize [in/out] The length of the recommended key (in bytes).  This function will store the suitable size back in this variable.
+  @return CRYPT_OK if the input key size is acceptable.
+*/
+int anubis_keysize(int *keysize)
+{
+   LTC_ARGCHK(keysize != NULL);
+   if (*keysize >= 40) {
+      *keysize = 40;
+   } else if (*keysize >= 36) {
+      *keysize = 36;
+   } else if (*keysize >= 32) {
+      *keysize = 32;
+   } else if (*keysize >= 28) {
+      *keysize = 28;
+   } else if (*keysize >= 24) {
+      *keysize = 24;
+   } else if (*keysize >= 20) {
+      *keysize = 20;
+   } else if (*keysize >= 16) {
+      *keysize = 16;
+   } else {
+      return CRYPT_INVALID_KEYSIZE;
+   }
+   return CRYPT_OK;
+}
+
+#endif
+
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/anubis.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.15 $ */
+/* $Date: 2006/11/15 12:41:28 $ */
diff --git a/libtomcrypt/src/ciphers/blowfish.c b/libtomcrypt/src/ciphers/blowfish.c
index 3502983..ae8945f 100644
--- a/libtomcrypt/src/ciphers/blowfish.c
+++ b/libtomcrypt/src/ciphers/blowfish.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 /**
   @file blowfish.c
@@ -27,7 +27,7 @@ const struct ltc_cipher_descriptor blowfish_desc =
     &blowfish_test,
     &blowfish_done,
     &blowfish_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 static const ulong32 ORIG_P[16 + 2] = {
@@ -385,11 +385,12 @@ int blowfish_setup(const unsigned char *key, int keylen, int num_rounds,
   @param pt The input plaintext (8 bytes)
   @param ct The output ciphertext (8 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+static int _blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #else
-void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #endif
 {
    ulong32 L, R;
@@ -428,13 +429,16 @@ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
    /* store */
    STORE32H(R, &ct[0]);
    STORE32H(L, &ct[4]);
+
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
-    _blowfish_ecb_encrypt(pt, ct, skey);
+    int err = _blowfish_ecb_encrypt(pt, ct, skey);
     burn_stack(sizeof(ulong32) * 2 + sizeof(int));
+    return err;
 }
 #endif
 
@@ -443,11 +447,12 @@ void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
   @param ct The input ciphertext (8 bytes)
   @param pt The output plaintext (8 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+static int _blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #else
-void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #endif
 {
    ulong32 L, R;
@@ -486,13 +491,15 @@ void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
    /* store */
    STORE32H(L, &pt[0]);
    STORE32H(R, &pt[4]);
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
-    _blowfish_ecb_decrypt(ct, pt, skey);
+    int err = _blowfish_ecb_decrypt(ct, pt, skey);
     burn_stack(sizeof(ulong32) * 2 + sizeof(int));
+    return err;
 }
 #endif
 
@@ -541,7 +548,7 @@ int blowfish_test(void)
       blowfish_ecb_decrypt(tmp[0], tmp[1], &key);
 
       /* compare */
-      if ((memcmp(tmp[0], tests[x].ct, 8) != 0) || (memcmp(tmp[1], tests[x].pt, 8) != 0)) {
+      if ((XMEMCMP(tmp[0], tests[x].ct, 8) != 0) || (XMEMCMP(tmp[1], tests[x].pt, 8) != 0)) {
          return CRYPT_FAIL_TESTVECTOR;
       }
 
@@ -583,5 +590,5 @@ int blowfish_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/blowfish.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/cast5.c b/libtomcrypt/src/ciphers/cast5.c
index f4b045c..eba39da 100644
--- a/libtomcrypt/src/ciphers/cast5.c
+++ b/libtomcrypt/src/ciphers/cast5.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
  
  /** 
@@ -27,7 +27,7 @@ const struct ltc_cipher_descriptor cast5_desc = {
    &cast5_test,
    &cast5_done,
    &cast5_keysize,
-   NULL, NULL, NULL, NULL, NULL, NULL, NULL
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 static const ulong32 S1[256] = {
@@ -536,9 +536,9 @@ INLINE static ulong32 FIII(ulong32 R, ulong32 Km, ulong32 Kr)
   @param skey The key as scheduled
 */
 #ifdef LTC_CLEAN_STACK
-static void _cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+static int _cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #else
-void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #endif
 {
    ulong32 R, L;
@@ -569,14 +569,16 @@ void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
    }
    STORE32H(R,&ct[0]);
    STORE32H(L,&ct[4]);
+   return CRYPT_OK;
 }
 
 
 #ifdef LTC_CLEAN_STACK
-void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
-   _cast5_ecb_encrypt(pt,ct,skey);
+   int err =_cast5_ecb_encrypt(pt,ct,skey);
    burn_stack(sizeof(ulong32)*3);
+   return err;
 }
 #endif
 
@@ -587,9 +589,9 @@ void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
   @param skey The key as scheduled 
 */
 #ifdef LTC_CLEAN_STACK
-static void _cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+static int _cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #else
-void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #endif
 {
    ulong32 R, L;
@@ -620,13 +622,16 @@ void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key
    L ^= FI(R, skey->cast5.K[0], skey->cast5.K[16]);
    STORE32H(L,&pt[0]);
    STORE32H(R,&pt[4]);
+
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
-   _cast5_ecb_decrypt(ct,pt,skey);
+   int err = _cast5_ecb_decrypt(ct,pt,skey);
    burn_stack(sizeof(ulong32)*3);
+   return err;
 }
 #endif
 
@@ -671,7 +676,7 @@ int cast5_test(void)
        }
        cast5_ecb_encrypt(tests[i].pt, tmp[0], &key);
        cast5_ecb_decrypt(tmp[0], tmp[1], &key);
-       if ((memcmp(tmp[0], tests[i].ct, 8) != 0) || (memcmp(tmp[1], tests[i].pt, 8) != 0)) {
+       if ((XMEMCMP(tmp[0], tests[i].ct, 8) != 0) || (XMEMCMP(tmp[1], tests[i].pt, 8) != 0)) {
           return CRYPT_FAIL_TESTVECTOR;
        }
       /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
@@ -711,5 +716,5 @@ int cast5_keysize(int *keysize)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/cast5.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/des.c b/libtomcrypt/src/ciphers/des.c
index 84258d0..e505b14 100644
--- a/libtomcrypt/src/ciphers/des.c
+++ b/libtomcrypt/src/ciphers/des.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -32,7 +32,7 @@ const struct ltc_cipher_descriptor des_desc =
     &des_test,
     &des_done,
     &des_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 #endif
 
@@ -47,7 +47,7 @@ const struct ltc_cipher_descriptor des3_desc =
     &des3_test,
     &des3_done,
     &des3_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 static const ulong32 bytebit[8] =
@@ -1587,8 +1587,9 @@ int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_k
   @param pt The input plaintext (8 bytes)
   @param ct The output ciphertext (8 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
-void des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
     ulong32 work[2];
     LTC_ARGCHK(pt   != NULL);
@@ -1599,6 +1600,7 @@ void des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
     desfunc(work, skey->des.ek);
     STORE32H(work[0],ct+0);
     STORE32H(work[1],ct+4);
+    return CRYPT_OK;
 }
 
 /**
@@ -1606,8 +1608,9 @@ void des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
   @param ct The input ciphertext (8 bytes)
   @param pt The output plaintext (8 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
-void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
     ulong32 work[2];
     LTC_ARGCHK(pt   != NULL);
@@ -1617,7 +1620,8 @@ void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
     LOAD32H(work[1], ct+4);
     desfunc(work, skey->des.dk);
     STORE32H(work[0],pt+0);
-    STORE32H(work[1],pt+4);
+    STORE32H(work[1],pt+4);  
+    return CRYPT_OK;
 }
 #endif
 
@@ -1626,8 +1630,9 @@ void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
   @param pt The input plaintext (8 bytes)
   @param ct The output ciphertext (8 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
-void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
     ulong32 work[2];
     
@@ -1641,6 +1646,7 @@ void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
     desfunc(work, skey->des3.ek[2]);
     STORE32H(work[0],ct+0);
     STORE32H(work[1],ct+4);
+    return CRYPT_OK;
 }
 
 /**
@@ -1648,8 +1654,9 @@ void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
   @param ct The input ciphertext (8 bytes)
   @param pt The output plaintext (8 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
-void des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
     ulong32 work[2];
     LTC_ARGCHK(pt   != NULL);
@@ -1662,6 +1669,7 @@ void des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key
     desfunc(work, skey->des3.dk[2]);
     STORE32H(work[0],pt+0);
     STORE32H(work[1],pt+4);
+    return CRYPT_OK;
 }
 
 #if 0
@@ -1797,7 +1805,7 @@ int des_test(void)
            des_ecb_decrypt(cases[i].txt, tmp, &des);
         }
 
-        if (memcmp(cases[i].out, tmp, sizeof(tmp)) != 0) {
+        if (XMEMCMP(cases[i].out, tmp, sizeof(tmp)) != 0) {
            return CRYPT_FAIL_TESTVECTOR;
         }
 
@@ -1841,7 +1849,7 @@ int des3_test(void)
    des3_ecb_encrypt(pt, ct, &skey);
    des3_ecb_decrypt(ct, tmp, &skey);
    
-   if (memcmp(pt, tmp, 8) != 0) {
+   if (XMEMCMP(pt, tmp, 8) != 0) {
       return CRYPT_FAIL_TESTVECTOR;
    }
    
@@ -1902,5 +1910,5 @@ int des3_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/des.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.13 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/kasumi.c b/libtomcrypt/src/ciphers/kasumi.c
new file mode 100644
index 0000000..4a075b1
--- /dev/null
+++ b/libtomcrypt/src/ciphers/kasumi.c
@@ -0,0 +1,318 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/**
+  @file kasumi.c
+  Implementation of the 3GPP Kasumi block cipher
+  Derived from the 3GPP standard source code
+*/
+
+#include "tomcrypt.h"
+
+#ifdef LTC_KASUMI
+
+typedef unsigned u16;
+
+#define ROL16(x, y) ((((x)<<(y)) | ((x)>>(16-(y)))) & 0xFFFF)
+
+const struct ltc_cipher_descriptor kasumi_desc = {
+   "kasumi",
+   21,
+   16, 16, 8, 8,
+   &kasumi_setup,
+   &kasumi_ecb_encrypt,
+   &kasumi_ecb_decrypt,
+   &kasumi_test,
+   &kasumi_done,
+   &kasumi_keysize,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
+};
+
+static u16 FI( u16 in, u16 subkey )
+{
+   u16 nine, seven;
+   static const u16 S7[128] = {
+      54, 50, 62, 56, 22, 34, 94, 96, 38, 6, 63, 93, 2, 18,123, 33,
+      55,113, 39,114, 21, 67, 65, 12, 47, 73, 46, 27, 25,111,124, 81,
+      53, 9,121, 79, 52, 60, 58, 48,101,127, 40,120,104, 70, 71, 43,
+      20,122, 72, 61, 23,109, 13,100, 77, 1, 16, 7, 82, 10,105, 98,
+      117,116, 76, 11, 89,106, 0,125,118, 99, 86, 69, 30, 57,126, 87,
+      112, 51, 17, 5, 95, 14, 90, 84, 91, 8, 35,103, 32, 97, 28, 66,
+      102, 31, 26, 45, 75, 4, 85, 92, 37, 74, 80, 49, 68, 29,115, 44,
+      64,107,108, 24,110, 83, 36, 78, 42, 19, 15, 41, 88,119, 59, 3 };
+  static const u16 S9[512] = {
+      167,239,161,379,391,334, 9,338, 38,226, 48,358,452,385, 90,397,
+      183,253,147,331,415,340, 51,362,306,500,262, 82,216,159,356,177,
+      175,241,489, 37,206, 17, 0,333, 44,254,378, 58,143,220, 81,400,
+       95, 3,315,245, 54,235,218,405,472,264,172,494,371,290,399, 76,
+      165,197,395,121,257,480,423,212,240, 28,462,176,406,507,288,223,
+      501,407,249,265, 89,186,221,428,164, 74,440,196,458,421,350,163,
+      232,158,134,354, 13,250,491,142,191, 69,193,425,152,227,366,135,
+      344,300,276,242,437,320,113,278, 11,243, 87,317, 36, 93,496, 27,
+      487,446,482, 41, 68,156,457,131,326,403,339, 20, 39,115,442,124,
+      475,384,508, 53,112,170,479,151,126,169, 73,268,279,321,168,364,
+      363,292, 46,499,393,327,324, 24,456,267,157,460,488,426,309,229,
+      439,506,208,271,349,401,434,236, 16,209,359, 52, 56,120,199,277,
+      465,416,252,287,246, 6, 83,305,420,345,153,502, 65, 61,244,282,
+      173,222,418, 67,386,368,261,101,476,291,195,430, 49, 79,166,330,
+      280,383,373,128,382,408,155,495,367,388,274,107,459,417, 62,454,
+      132,225,203,316,234, 14,301, 91,503,286,424,211,347,307,140,374,
+       35,103,125,427, 19,214,453,146,498,314,444,230,256,329,198,285,
+       50,116, 78,410, 10,205,510,171,231, 45,139,467, 29, 86,505, 32,
+       72, 26,342,150,313,490,431,238,411,325,149,473, 40,119,174,355,
+      185,233,389, 71,448,273,372, 55,110,178,322, 12,469,392,369,190,
+        1,109,375,137,181, 88, 75,308,260,484, 98,272,370,275,412,111,
+      336,318, 4,504,492,259,304, 77,337,435, 21,357,303,332,483, 18,
+       47, 85, 25,497,474,289,100,269,296,478,270,106, 31,104,433, 84,
+      414,486,394, 96, 99,154,511,148,413,361,409,255,162,215,302,201,
+      266,351,343,144,441,365,108,298,251, 34,182,509,138,210,335,133,
+      311,352,328,141,396,346,123,319,450,281,429,228,443,481, 92,404,
+      485,422,248,297, 23,213,130,466, 22,217,283, 70,294,360,419,127,
+      312,377, 7,468,194, 2,117,295,463,258,224,447,247,187, 80,398,
+      284,353,105,390,299,471,470,184, 57,200,348, 63,204,188, 33,451,
+       97, 30,310,219, 94,160,129,493, 64,179,263,102,189,207,114,402,
+      438,477,387,122,192, 42,381, 5,145,118,180,449,293,323,136,380,
+       43, 66, 60,455,341,445,202,432, 8,237, 15,376,436,464, 59,461};
+
+  /* The sixteen bit input is split into two unequal halves, *
+   * nine bits and seven bits - as is the subkey            */
+
+  nine  = (u16)(in>>7)&0x1FF;
+  seven = (u16)(in&0x7F);
+
+  /* Now run the various operations */
+  nine   = (u16)(S9[nine] ^ seven);
+  seven  = (u16)(S7[seven] ^ (nine & 0x7F));
+  seven ^= (subkey>>9);
+  nine  ^= (subkey&0x1FF);
+  nine   = (u16)(S9[nine] ^ seven);
+  seven  = (u16)(S7[seven] ^ (nine & 0x7F));
+  return (u16)(seven<<9) + nine;
+}
+
+static ulong32 FO( ulong32 in, int round_no, symmetric_key *key)
+{
+   u16 left, right;
+
+  /* Split the input into two 16-bit words */
+  left = (u16)(in>>16);
+  right = (u16) in&0xFFFF;
+
+  /* Now apply the same basic transformation three times */
+  left ^= key->kasumi.KOi1[round_no];
+  left = FI( left, key->kasumi.KIi1[round_no] );
+  left ^= right;
+
+  right ^= key->kasumi.KOi2[round_no];
+  right = FI( right, key->kasumi.KIi2[round_no] );
+  right ^= left;
+
+  left ^= key->kasumi.KOi3[round_no];
+  left = FI( left, key->kasumi.KIi3[round_no] );
+  left ^= right;
+
+  return (((ulong32)right)<<16)+left;
+}
+
+static ulong32 FL( ulong32 in, int round_no, symmetric_key *key )
+{
+    u16 l, r, a, b;
+    /* split out the left and right halves */
+    l = (u16)(in>>16);
+    r = (u16)(in)&0xFFFF;
+    /* do the FL() operations           */
+    a = (u16) (l & key->kasumi.KLi1[round_no]);
+    r ^= ROL16(a,1);
+    b = (u16)(r | key->kasumi.KLi2[round_no]);
+    l ^= ROL16(b,1);
+    /* put the two halves back together */
+
+    return (((ulong32)l)<<16) + r;
+}
+
+int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+{
+    ulong32 left, right, temp;
+    int n;
+
+    LTC_ARGCHK(pt   != NULL);
+    LTC_ARGCHK(ct   != NULL);
+    LTC_ARGCHK(skey != NULL);
+
+    LOAD32H(left, pt);
+    LOAD32H(right, pt+4);
+
+    for (n = 0; n <= 7; ) {     
+        temp = FL(left,  n,   skey);
+        temp = FO(temp,  n++, skey);
+        right ^= temp;
+        temp = FO(right, n,   skey);
+        temp = FL(temp,  n++, skey);
+        left ^= temp;
+    }
+
+    STORE32H(left, ct);
+    STORE32H(right, ct+4);
+
+    return CRYPT_OK;
+}
+
+int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+{
+    ulong32 left, right, temp;
+    int n;
+
+    LTC_ARGCHK(pt   != NULL);
+    LTC_ARGCHK(ct   != NULL);
+    LTC_ARGCHK(skey != NULL);
+
+    LOAD32H(left, ct);
+    LOAD32H(right, ct+4);
+
+    for (n = 7; n >= 0; ) {
+        temp = FO(right, n,   skey);
+        temp = FL(temp,  n--, skey);
+        left ^= temp;
+        temp = FL(left,  n,   skey);
+        temp = FO(temp,  n--, skey);
+        right ^= temp;
+    }
+
+    STORE32H(left, pt);
+    STORE32H(right, pt+4);
+
+    return CRYPT_OK;
+}
+
+int kasumi_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
+{
+    static const u16 C[8] = { 0x0123,0x4567,0x89AB,0xCDEF, 0xFEDC,0xBA98,0x7654,0x3210 };
+    u16 ukey[8], Kprime[8];
+    int n;
+
+    LTC_ARGCHK(key  != NULL);
+    LTC_ARGCHK(skey != NULL);
+
+    if (keylen != 16) {
+       return CRYPT_INVALID_KEYSIZE;
+    }
+
+    if (num_rounds != 0 && num_rounds != 8) {
+       return CRYPT_INVALID_ROUNDS;
+    }
+
+    /* Start by ensuring the subkeys are endian correct on a 16-bit basis */
+    for (n = 0; n < 8; n++ ) {
+        ukey[n] = (((u16)key[2*n]) << 8) | key[2*n+1];
+    }
+
+    /* Now build the K'[] keys */
+    for (n = 0; n < 8; n++) {
+        Kprime[n] = ukey[n] ^ C[n];
+    }
+
+    /* Finally construct the various sub keys */
+    for(n = 0; n < 8; n++) {
+        skey->kasumi.KLi1[n] = ROL16(ukey[n],1);
+        skey->kasumi.KLi2[n] = Kprime[(n+2)&0x7];
+        skey->kasumi.KOi1[n] = ROL16(ukey[(n+1)&0x7],5);
+        skey->kasumi.KOi2[n] = ROL16(ukey[(n+5)&0x7],8);
+        skey->kasumi.KOi3[n] = ROL16(ukey[(n+6)&0x7],13);
+        skey->kasumi.KIi1[n] = Kprime[(n+4)&0x7];
+        skey->kasumi.KIi2[n] = Kprime[(n+3)&0x7];
+        skey->kasumi.KIi3[n] = Kprime[(n+7)&0x7];
+    }
+
+    return CRYPT_OK;
+}
+
+void kasumi_done(symmetric_key *skey)
+{
+}
+
+int kasumi_keysize(int *keysize)
+{
+   LTC_ARGCHK(keysize != NULL);
+   if (*keysize >= 16) {
+      *keysize = 16;
+      return CRYPT_OK;
+   } else {
+      return CRYPT_INVALID_KEYSIZE;
+   }
+}
+
+int kasumi_test(void)
+{
+#ifndef LTC_TEST
+   return CRYPT_NOP;
+#else
+   static const struct {
+      unsigned char key[16], pt[8], ct[8];
+   } tests[] = {
+
+{
+   { 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x4B, 0x58, 0xA7, 0x71, 0xAF, 0xC7, 0xE5, 0xE8 }
+},
+
+{
+   { 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x7E, 0xEF, 0x11, 0x3C, 0x95, 0xBB, 0x5A, 0x77 }
+},
+
+{
+   { 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x5F, 0x14, 0x06, 0x86, 0xD7, 0xAD, 0x5A, 0x39 },
+},
+
+{
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0x2E, 0x14, 0x91, 0xCF, 0x70, 0xAA, 0x46, 0x5D }
+},
+
+{
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00 },
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   { 0xB5, 0x45, 0x86, 0xF4, 0xAB, 0x9A, 0xE5, 0x46 }
+},
+
+};
+   unsigned char buf[2][8];
+   symmetric_key key;
+   int err, x;
+
+   for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+       if ((err = kasumi_setup(tests[x].key, 16, 0, &key)) != CRYPT_OK) {
+          return err;
+       }
+       if ((err = kasumi_ecb_encrypt(tests[x].pt, buf[0], &key)) != CRYPT_OK) {
+          return err;
+       }
+       if ((err = kasumi_ecb_decrypt(tests[x].ct, buf[1], &key)) != CRYPT_OK) {
+          return err;
+       }
+       if (XMEMCMP(tests[x].pt, buf[1], 8) || XMEMCMP(tests[x].ct, buf[0], 8)) {
+          return CRYPT_FAIL_TESTVECTOR;
+       }
+   }
+   return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/kasumi.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/09 03:05:44 $ */
diff --git a/libtomcrypt/src/ciphers/khazad.c b/libtomcrypt/src/ciphers/khazad.c
index d07134c..8490950 100644
--- a/libtomcrypt/src/ciphers/khazad.c
+++ b/libtomcrypt/src/ciphers/khazad.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor khazad_desc = {
    &khazad_test,
    &khazad_done,
    &khazad_keysize,
-   NULL, NULL, NULL, NULL, NULL, NULL, NULL
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 #define R      8 
@@ -741,13 +741,15 @@ static void khazad_crypt(const unsigned char *plaintext, unsigned char *cipherte
   @param pt The input plaintext (8 bytes)
   @param ct The output ciphertext (8 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
-void khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
    khazad_crypt(pt, ct, skey->khazad.roundKeyEnc);
+   return CRYPT_OK;
 }
 
 /**
@@ -755,13 +757,15 @@ void khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_ke
   @param ct The input ciphertext (8 bytes)
   @param pt The output plaintext (8 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
-void khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
    LTC_ARGCHK(pt   != NULL);
    LTC_ARGCHK(ct   != NULL);
    LTC_ARGCHK(skey != NULL);
    khazad_crypt(ct, pt, skey->khazad.roundKeyDec);
+   return CRYPT_OK;
 }
 
 /**
@@ -806,13 +810,13 @@ int khazad_test(void)
        khazad_setup(tests[x].key, 16, 0, &skey);
        khazad_ecb_encrypt(tests[x].pt, buf[0], &skey);
        khazad_ecb_decrypt(buf[0], buf[1], &skey);
-       if (memcmp(buf[0], tests[x].ct, 8) || memcmp(buf[1], tests[x].pt, 8)) {
+       if (XMEMCMP(buf[0], tests[x].ct, 8) || XMEMCMP(buf[1], tests[x].pt, 8)) {
           return CRYPT_FAIL_TESTVECTOR;
        }
 
        for (y = 0; y < 1000; y++) khazad_ecb_encrypt(buf[0], buf[0], &skey);
        for (y = 0; y < 1000; y++) khazad_ecb_decrypt(buf[0], buf[0], &skey);
-       if (memcmp(buf[0], tests[x].ct, 8)) {
+       if (XMEMCMP(buf[0], tests[x].ct, 8)) {
           return CRYPT_FAIL_TESTVECTOR;
        }
 
@@ -847,5 +851,5 @@ int khazad_keysize(int *keysize)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/khazad.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/kseed.c b/libtomcrypt/src/ciphers/kseed.c
new file mode 100644
index 0000000..4281ac5
--- /dev/null
+++ b/libtomcrypt/src/ciphers/kseed.c
@@ -0,0 +1,376 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/**
+  @file kseed.c
+  seed implementation of SEED derived from RFC4269
+  Tom St Denis
+*/
+
+#include "tomcrypt.h"
+
+#ifdef KSEED
+
+const struct ltc_cipher_descriptor kseed_desc = {
+   "seed",
+   20,
+   16, 16, 16, 16,
+   &kseed_setup,
+   &kseed_ecb_encrypt,
+   &kseed_ecb_decrypt,
+   &kseed_test,
+   &kseed_done,
+   &kseed_keysize,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
+};
+
+static const ulong32 SS0[256] = {
+0x2989A1A8UL,0x05858184UL,0x16C6D2D4UL,0x13C3D3D0UL,0x14445054UL,0x1D0D111CUL,0x2C8CA0ACUL,0x25052124UL,
+0x1D4D515CUL,0x03434340UL,0x18081018UL,0x1E0E121CUL,0x11415150UL,0x3CCCF0FCUL,0x0ACAC2C8UL,0x23436360UL,
+0x28082028UL,0x04444044UL,0x20002020UL,0x1D8D919CUL,0x20C0E0E0UL,0x22C2E2E0UL,0x08C8C0C8UL,0x17071314UL,
+0x2585A1A4UL,0x0F8F838CUL,0x03030300UL,0x3B4B7378UL,0x3B8BB3B8UL,0x13031310UL,0x12C2D2D0UL,0x2ECEE2ECUL,
+0x30407070UL,0x0C8C808CUL,0x3F0F333CUL,0x2888A0A8UL,0x32023230UL,0x1DCDD1DCUL,0x36C6F2F4UL,0x34447074UL,
+0x2CCCE0ECUL,0x15859194UL,0x0B0B0308UL,0x17475354UL,0x1C4C505CUL,0x1B4B5358UL,0x3D8DB1BCUL,0x01010100UL,
+0x24042024UL,0x1C0C101CUL,0x33437370UL,0x18889098UL,0x10001010UL,0x0CCCC0CCUL,0x32C2F2F0UL,0x19C9D1D8UL,
+0x2C0C202CUL,0x27C7E3E4UL,0x32427270UL,0x03838380UL,0x1B8B9398UL,0x11C1D1D0UL,0x06868284UL,0x09C9C1C8UL,
+0x20406060UL,0x10405050UL,0x2383A3A0UL,0x2BCBE3E8UL,0x0D0D010CUL,0x3686B2B4UL,0x1E8E929CUL,0x0F4F434CUL,
+0x3787B3B4UL,0x1A4A5258UL,0x06C6C2C4UL,0x38487078UL,0x2686A2A4UL,0x12021210UL,0x2F8FA3ACUL,0x15C5D1D4UL,
+0x21416160UL,0x03C3C3C0UL,0x3484B0B4UL,0x01414140UL,0x12425250UL,0x3D4D717CUL,0x0D8D818CUL,0x08080008UL,
+0x1F0F131CUL,0x19899198UL,0x00000000UL,0x19091118UL,0x04040004UL,0x13435350UL,0x37C7F3F4UL,0x21C1E1E0UL,
+0x3DCDF1FCUL,0x36467274UL,0x2F0F232CUL,0x27072324UL,0x3080B0B0UL,0x0B8B8388UL,0x0E0E020CUL,0x2B8BA3A8UL,
+0x2282A2A0UL,0x2E4E626CUL,0x13839390UL,0x0D4D414CUL,0x29496168UL,0x3C4C707CUL,0x09090108UL,0x0A0A0208UL,
+0x3F8FB3BCUL,0x2FCFE3ECUL,0x33C3F3F0UL,0x05C5C1C4UL,0x07878384UL,0x14041014UL,0x3ECEF2FCUL,0x24446064UL,
+0x1ECED2DCUL,0x2E0E222CUL,0x0B4B4348UL,0x1A0A1218UL,0x06060204UL,0x21012120UL,0x2B4B6368UL,0x26466264UL,
+0x02020200UL,0x35C5F1F4UL,0x12829290UL,0x0A8A8288UL,0x0C0C000CUL,0x3383B3B0UL,0x3E4E727CUL,0x10C0D0D0UL,
+0x3A4A7278UL,0x07474344UL,0x16869294UL,0x25C5E1E4UL,0x26062224UL,0x00808080UL,0x2D8DA1ACUL,0x1FCFD3DCUL,
+0x2181A1A0UL,0x30003030UL,0x37073334UL,0x2E8EA2ACUL,0x36063234UL,0x15051114UL,0x22022220UL,0x38083038UL,
+0x34C4F0F4UL,0x2787A3A4UL,0x05454144UL,0x0C4C404CUL,0x01818180UL,0x29C9E1E8UL,0x04848084UL,0x17879394UL,
+0x35053134UL,0x0BCBC3C8UL,0x0ECEC2CCUL,0x3C0C303CUL,0x31417170UL,0x11011110UL,0x07C7C3C4UL,0x09898188UL,
+0x35457174UL,0x3BCBF3F8UL,0x1ACAD2D8UL,0x38C8F0F8UL,0x14849094UL,0x19495158UL,0x02828280UL,0x04C4C0C4UL,
+0x3FCFF3FCUL,0x09494148UL,0x39093138UL,0x27476364UL,0x00C0C0C0UL,0x0FCFC3CCUL,0x17C7D3D4UL,0x3888B0B8UL,
+0x0F0F030CUL,0x0E8E828CUL,0x02424240UL,0x23032320UL,0x11819190UL,0x2C4C606CUL,0x1BCBD3D8UL,0x2484A0A4UL,
+0x34043034UL,0x31C1F1F0UL,0x08484048UL,0x02C2C2C0UL,0x2F4F636CUL,0x3D0D313CUL,0x2D0D212CUL,0x00404040UL,
+0x3E8EB2BCUL,0x3E0E323CUL,0x3C8CB0BCUL,0x01C1C1C0UL,0x2A8AA2A8UL,0x3A8AB2B8UL,0x0E4E424CUL,0x15455154UL,
+0x3B0B3338UL,0x1CCCD0DCUL,0x28486068UL,0x3F4F737CUL,0x1C8C909CUL,0x18C8D0D8UL,0x0A4A4248UL,0x16465254UL,
+0x37477374UL,0x2080A0A0UL,0x2DCDE1ECUL,0x06464244UL,0x3585B1B4UL,0x2B0B2328UL,0x25456164UL,0x3ACAF2F8UL,
+0x23C3E3E0UL,0x3989B1B8UL,0x3181B1B0UL,0x1F8F939CUL,0x1E4E525CUL,0x39C9F1F8UL,0x26C6E2E4UL,0x3282B2B0UL,
+0x31013130UL,0x2ACAE2E8UL,0x2D4D616CUL,0x1F4F535CUL,0x24C4E0E4UL,0x30C0F0F0UL,0x0DCDC1CCUL,0x08888088UL,
+0x16061214UL,0x3A0A3238UL,0x18485058UL,0x14C4D0D4UL,0x22426260UL,0x29092128UL,0x07070304UL,0x33033330UL,
+0x28C8E0E8UL,0x1B0B1318UL,0x05050104UL,0x39497178UL,0x10809090UL,0x2A4A6268UL,0x2A0A2228UL,0x1A8A9298UL
+};
+
+static const ulong32 SS1[256] = {
+0x38380830UL,0xE828C8E0UL,0x2C2D0D21UL,0xA42686A2UL,0xCC0FCFC3UL,0xDC1ECED2UL,0xB03383B3UL,0xB83888B0UL,
+0xAC2F8FA3UL,0x60204060UL,0x54154551UL,0xC407C7C3UL,0x44044440UL,0x6C2F4F63UL,0x682B4B63UL,0x581B4B53UL,
+0xC003C3C3UL,0x60224262UL,0x30330333UL,0xB43585B1UL,0x28290921UL,0xA02080A0UL,0xE022C2E2UL,0xA42787A3UL,
+0xD013C3D3UL,0x90118191UL,0x10110111UL,0x04060602UL,0x1C1C0C10UL,0xBC3C8CB0UL,0x34360632UL,0x480B4B43UL,
+0xEC2FCFE3UL,0x88088880UL,0x6C2C4C60UL,0xA82888A0UL,0x14170713UL,0xC404C4C0UL,0x14160612UL,0xF434C4F0UL,
+0xC002C2C2UL,0x44054541UL,0xE021C1E1UL,0xD416C6D2UL,0x3C3F0F33UL,0x3C3D0D31UL,0x8C0E8E82UL,0x98188890UL,
+0x28280820UL,0x4C0E4E42UL,0xF436C6F2UL,0x3C3E0E32UL,0xA42585A1UL,0xF839C9F1UL,0x0C0D0D01UL,0xDC1FCFD3UL,
+0xD818C8D0UL,0x282B0B23UL,0x64264662UL,0x783A4A72UL,0x24270723UL,0x2C2F0F23UL,0xF031C1F1UL,0x70324272UL,
+0x40024242UL,0xD414C4D0UL,0x40014141UL,0xC000C0C0UL,0x70334373UL,0x64274763UL,0xAC2C8CA0UL,0x880B8B83UL,
+0xF437C7F3UL,0xAC2D8DA1UL,0x80008080UL,0x1C1F0F13UL,0xC80ACAC2UL,0x2C2C0C20UL,0xA82A8AA2UL,0x34340430UL,
+0xD012C2D2UL,0x080B0B03UL,0xEC2ECEE2UL,0xE829C9E1UL,0x5C1D4D51UL,0x94148490UL,0x18180810UL,0xF838C8F0UL,
+0x54174753UL,0xAC2E8EA2UL,0x08080800UL,0xC405C5C1UL,0x10130313UL,0xCC0DCDC1UL,0x84068682UL,0xB83989B1UL,
+0xFC3FCFF3UL,0x7C3D4D71UL,0xC001C1C1UL,0x30310131UL,0xF435C5F1UL,0x880A8A82UL,0x682A4A62UL,0xB03181B1UL,
+0xD011C1D1UL,0x20200020UL,0xD417C7D3UL,0x00020202UL,0x20220222UL,0x04040400UL,0x68284860UL,0x70314171UL,
+0x04070703UL,0xD81BCBD3UL,0x9C1D8D91UL,0x98198991UL,0x60214161UL,0xBC3E8EB2UL,0xE426C6E2UL,0x58194951UL,
+0xDC1DCDD1UL,0x50114151UL,0x90108090UL,0xDC1CCCD0UL,0x981A8A92UL,0xA02383A3UL,0xA82B8BA3UL,0xD010C0D0UL,
+0x80018181UL,0x0C0F0F03UL,0x44074743UL,0x181A0A12UL,0xE023C3E3UL,0xEC2CCCE0UL,0x8C0D8D81UL,0xBC3F8FB3UL,
+0x94168692UL,0x783B4B73UL,0x5C1C4C50UL,0xA02282A2UL,0xA02181A1UL,0x60234363UL,0x20230323UL,0x4C0D4D41UL,
+0xC808C8C0UL,0x9C1E8E92UL,0x9C1C8C90UL,0x383A0A32UL,0x0C0C0C00UL,0x2C2E0E22UL,0xB83A8AB2UL,0x6C2E4E62UL,
+0x9C1F8F93UL,0x581A4A52UL,0xF032C2F2UL,0x90128292UL,0xF033C3F3UL,0x48094941UL,0x78384870UL,0xCC0CCCC0UL,
+0x14150511UL,0xF83BCBF3UL,0x70304070UL,0x74354571UL,0x7C3F4F73UL,0x34350531UL,0x10100010UL,0x00030303UL,
+0x64244460UL,0x6C2D4D61UL,0xC406C6C2UL,0x74344470UL,0xD415C5D1UL,0xB43484B0UL,0xE82ACAE2UL,0x08090901UL,
+0x74364672UL,0x18190911UL,0xFC3ECEF2UL,0x40004040UL,0x10120212UL,0xE020C0E0UL,0xBC3D8DB1UL,0x04050501UL,
+0xF83ACAF2UL,0x00010101UL,0xF030C0F0UL,0x282A0A22UL,0x5C1E4E52UL,0xA82989A1UL,0x54164652UL,0x40034343UL,
+0x84058581UL,0x14140410UL,0x88098981UL,0x981B8B93UL,0xB03080B0UL,0xE425C5E1UL,0x48084840UL,0x78394971UL,
+0x94178793UL,0xFC3CCCF0UL,0x1C1E0E12UL,0x80028282UL,0x20210121UL,0x8C0C8C80UL,0x181B0B13UL,0x5C1F4F53UL,
+0x74374773UL,0x54144450UL,0xB03282B2UL,0x1C1D0D11UL,0x24250521UL,0x4C0F4F43UL,0x00000000UL,0x44064642UL,
+0xEC2DCDE1UL,0x58184850UL,0x50124252UL,0xE82BCBE3UL,0x7C3E4E72UL,0xD81ACAD2UL,0xC809C9C1UL,0xFC3DCDF1UL,
+0x30300030UL,0x94158591UL,0x64254561UL,0x3C3C0C30UL,0xB43686B2UL,0xE424C4E0UL,0xB83B8BB3UL,0x7C3C4C70UL,
+0x0C0E0E02UL,0x50104050UL,0x38390931UL,0x24260622UL,0x30320232UL,0x84048480UL,0x68294961UL,0x90138393UL,
+0x34370733UL,0xE427C7E3UL,0x24240420UL,0xA42484A0UL,0xC80BCBC3UL,0x50134353UL,0x080A0A02UL,0x84078783UL,
+0xD819C9D1UL,0x4C0C4C40UL,0x80038383UL,0x8C0F8F83UL,0xCC0ECEC2UL,0x383B0B33UL,0x480A4A42UL,0xB43787B3UL
+};
+
+static const ulong32 SS2[256] = {
+0xA1A82989UL,0x81840585UL,0xD2D416C6UL,0xD3D013C3UL,0x50541444UL,0x111C1D0DUL,0xA0AC2C8CUL,0x21242505UL,
+0x515C1D4DUL,0x43400343UL,0x10181808UL,0x121C1E0EUL,0x51501141UL,0xF0FC3CCCUL,0xC2C80ACAUL,0x63602343UL,
+0x20282808UL,0x40440444UL,0x20202000UL,0x919C1D8DUL,0xE0E020C0UL,0xE2E022C2UL,0xC0C808C8UL,0x13141707UL,
+0xA1A42585UL,0x838C0F8FUL,0x03000303UL,0x73783B4BUL,0xB3B83B8BUL,0x13101303UL,0xD2D012C2UL,0xE2EC2ECEUL,
+0x70703040UL,0x808C0C8CUL,0x333C3F0FUL,0xA0A82888UL,0x32303202UL,0xD1DC1DCDUL,0xF2F436C6UL,0x70743444UL,
+0xE0EC2CCCUL,0x91941585UL,0x03080B0BUL,0x53541747UL,0x505C1C4CUL,0x53581B4BUL,0xB1BC3D8DUL,0x01000101UL,
+0x20242404UL,0x101C1C0CUL,0x73703343UL,0x90981888UL,0x10101000UL,0xC0CC0CCCUL,0xF2F032C2UL,0xD1D819C9UL,
+0x202C2C0CUL,0xE3E427C7UL,0x72703242UL,0x83800383UL,0x93981B8BUL,0xD1D011C1UL,0x82840686UL,0xC1C809C9UL,
+0x60602040UL,0x50501040UL,0xA3A02383UL,0xE3E82BCBUL,0x010C0D0DUL,0xB2B43686UL,0x929C1E8EUL,0x434C0F4FUL,
+0xB3B43787UL,0x52581A4AUL,0xC2C406C6UL,0x70783848UL,0xA2A42686UL,0x12101202UL,0xA3AC2F8FUL,0xD1D415C5UL,
+0x61602141UL,0xC3C003C3UL,0xB0B43484UL,0x41400141UL,0x52501242UL,0x717C3D4DUL,0x818C0D8DUL,0x00080808UL,
+0x131C1F0FUL,0x91981989UL,0x00000000UL,0x11181909UL,0x00040404UL,0x53501343UL,0xF3F437C7UL,0xE1E021C1UL,
+0xF1FC3DCDUL,0x72743646UL,0x232C2F0FUL,0x23242707UL,0xB0B03080UL,0x83880B8BUL,0x020C0E0EUL,0xA3A82B8BUL,
+0xA2A02282UL,0x626C2E4EUL,0x93901383UL,0x414C0D4DUL,0x61682949UL,0x707C3C4CUL,0x01080909UL,0x02080A0AUL,
+0xB3BC3F8FUL,0xE3EC2FCFUL,0xF3F033C3UL,0xC1C405C5UL,0x83840787UL,0x10141404UL,0xF2FC3ECEUL,0x60642444UL,
+0xD2DC1ECEUL,0x222C2E0EUL,0x43480B4BUL,0x12181A0AUL,0x02040606UL,0x21202101UL,0x63682B4BUL,0x62642646UL,
+0x02000202UL,0xF1F435C5UL,0x92901282UL,0x82880A8AUL,0x000C0C0CUL,0xB3B03383UL,0x727C3E4EUL,0xD0D010C0UL,
+0x72783A4AUL,0x43440747UL,0x92941686UL,0xE1E425C5UL,0x22242606UL,0x80800080UL,0xA1AC2D8DUL,0xD3DC1FCFUL,
+0xA1A02181UL,0x30303000UL,0x33343707UL,0xA2AC2E8EUL,0x32343606UL,0x11141505UL,0x22202202UL,0x30383808UL,
+0xF0F434C4UL,0xA3A42787UL,0x41440545UL,0x404C0C4CUL,0x81800181UL,0xE1E829C9UL,0x80840484UL,0x93941787UL,
+0x31343505UL,0xC3C80BCBUL,0xC2CC0ECEUL,0x303C3C0CUL,0x71703141UL,0x11101101UL,0xC3C407C7UL,0x81880989UL,
+0x71743545UL,0xF3F83BCBUL,0xD2D81ACAUL,0xF0F838C8UL,0x90941484UL,0x51581949UL,0x82800282UL,0xC0C404C4UL,
+0xF3FC3FCFUL,0x41480949UL,0x31383909UL,0x63642747UL,0xC0C000C0UL,0xC3CC0FCFUL,0xD3D417C7UL,0xB0B83888UL,
+0x030C0F0FUL,0x828C0E8EUL,0x42400242UL,0x23202303UL,0x91901181UL,0x606C2C4CUL,0xD3D81BCBUL,0xA0A42484UL,
+0x30343404UL,0xF1F031C1UL,0x40480848UL,0xC2C002C2UL,0x636C2F4FUL,0x313C3D0DUL,0x212C2D0DUL,0x40400040UL,
+0xB2BC3E8EUL,0x323C3E0EUL,0xB0BC3C8CUL,0xC1C001C1UL,0xA2A82A8AUL,0xB2B83A8AUL,0x424C0E4EUL,0x51541545UL,
+0x33383B0BUL,0xD0DC1CCCUL,0x60682848UL,0x737C3F4FUL,0x909C1C8CUL,0xD0D818C8UL,0x42480A4AUL,0x52541646UL,
+0x73743747UL,0xA0A02080UL,0xE1EC2DCDUL,0x42440646UL,0xB1B43585UL,0x23282B0BUL,0x61642545UL,0xF2F83ACAUL,
+0xE3E023C3UL,0xB1B83989UL,0xB1B03181UL,0x939C1F8FUL,0x525C1E4EUL,0xF1F839C9UL,0xE2E426C6UL,0xB2B03282UL,
+0x31303101UL,0xE2E82ACAUL,0x616C2D4DUL,0x535C1F4FUL,0xE0E424C4UL,0xF0F030C0UL,0xC1CC0DCDUL,0x80880888UL,
+0x12141606UL,0x32383A0AUL,0x50581848UL,0xD0D414C4UL,0x62602242UL,0x21282909UL,0x03040707UL,0x33303303UL,
+0xE0E828C8UL,0x13181B0BUL,0x01040505UL,0x71783949UL,0x90901080UL,0x62682A4AUL,0x22282A0AUL,0x92981A8AUL
+};
+
+static const ulong32 SS3[256] = {
+0x08303838UL,0xC8E0E828UL,0x0D212C2DUL,0x86A2A426UL,0xCFC3CC0FUL,0xCED2DC1EUL,0x83B3B033UL,0x88B0B838UL,
+0x8FA3AC2FUL,0x40606020UL,0x45515415UL,0xC7C3C407UL,0x44404404UL,0x4F636C2FUL,0x4B63682BUL,0x4B53581BUL,
+0xC3C3C003UL,0x42626022UL,0x03333033UL,0x85B1B435UL,0x09212829UL,0x80A0A020UL,0xC2E2E022UL,0x87A3A427UL,
+0xC3D3D013UL,0x81919011UL,0x01111011UL,0x06020406UL,0x0C101C1CUL,0x8CB0BC3CUL,0x06323436UL,0x4B43480BUL,
+0xCFE3EC2FUL,0x88808808UL,0x4C606C2CUL,0x88A0A828UL,0x07131417UL,0xC4C0C404UL,0x06121416UL,0xC4F0F434UL,
+0xC2C2C002UL,0x45414405UL,0xC1E1E021UL,0xC6D2D416UL,0x0F333C3FUL,0x0D313C3DUL,0x8E828C0EUL,0x88909818UL,
+0x08202828UL,0x4E424C0EUL,0xC6F2F436UL,0x0E323C3EUL,0x85A1A425UL,0xC9F1F839UL,0x0D010C0DUL,0xCFD3DC1FUL,
+0xC8D0D818UL,0x0B23282BUL,0x46626426UL,0x4A72783AUL,0x07232427UL,0x0F232C2FUL,0xC1F1F031UL,0x42727032UL,
+0x42424002UL,0xC4D0D414UL,0x41414001UL,0xC0C0C000UL,0x43737033UL,0x47636427UL,0x8CA0AC2CUL,0x8B83880BUL,
+0xC7F3F437UL,0x8DA1AC2DUL,0x80808000UL,0x0F131C1FUL,0xCAC2C80AUL,0x0C202C2CUL,0x8AA2A82AUL,0x04303434UL,
+0xC2D2D012UL,0x0B03080BUL,0xCEE2EC2EUL,0xC9E1E829UL,0x4D515C1DUL,0x84909414UL,0x08101818UL,0xC8F0F838UL,
+0x47535417UL,0x8EA2AC2EUL,0x08000808UL,0xC5C1C405UL,0x03131013UL,0xCDC1CC0DUL,0x86828406UL,0x89B1B839UL,
+0xCFF3FC3FUL,0x4D717C3DUL,0xC1C1C001UL,0x01313031UL,0xC5F1F435UL,0x8A82880AUL,0x4A62682AUL,0x81B1B031UL,
+0xC1D1D011UL,0x00202020UL,0xC7D3D417UL,0x02020002UL,0x02222022UL,0x04000404UL,0x48606828UL,0x41717031UL,
+0x07030407UL,0xCBD3D81BUL,0x8D919C1DUL,0x89919819UL,0x41616021UL,0x8EB2BC3EUL,0xC6E2E426UL,0x49515819UL,
+0xCDD1DC1DUL,0x41515011UL,0x80909010UL,0xCCD0DC1CUL,0x8A92981AUL,0x83A3A023UL,0x8BA3A82BUL,0xC0D0D010UL,
+0x81818001UL,0x0F030C0FUL,0x47434407UL,0x0A12181AUL,0xC3E3E023UL,0xCCE0EC2CUL,0x8D818C0DUL,0x8FB3BC3FUL,
+0x86929416UL,0x4B73783BUL,0x4C505C1CUL,0x82A2A022UL,0x81A1A021UL,0x43636023UL,0x03232023UL,0x4D414C0DUL,
+0xC8C0C808UL,0x8E929C1EUL,0x8C909C1CUL,0x0A32383AUL,0x0C000C0CUL,0x0E222C2EUL,0x8AB2B83AUL,0x4E626C2EUL,
+0x8F939C1FUL,0x4A52581AUL,0xC2F2F032UL,0x82929012UL,0xC3F3F033UL,0x49414809UL,0x48707838UL,0xCCC0CC0CUL,
+0x05111415UL,0xCBF3F83BUL,0x40707030UL,0x45717435UL,0x4F737C3FUL,0x05313435UL,0x00101010UL,0x03030003UL,
+0x44606424UL,0x4D616C2DUL,0xC6C2C406UL,0x44707434UL,0xC5D1D415UL,0x84B0B434UL,0xCAE2E82AUL,0x09010809UL,
+0x46727436UL,0x09111819UL,0xCEF2FC3EUL,0x40404000UL,0x02121012UL,0xC0E0E020UL,0x8DB1BC3DUL,0x05010405UL,
+0xCAF2F83AUL,0x01010001UL,0xC0F0F030UL,0x0A22282AUL,0x4E525C1EUL,0x89A1A829UL,0x46525416UL,0x43434003UL,
+0x85818405UL,0x04101414UL,0x89818809UL,0x8B93981BUL,0x80B0B030UL,0xC5E1E425UL,0x48404808UL,0x49717839UL,
+0x87939417UL,0xCCF0FC3CUL,0x0E121C1EUL,0x82828002UL,0x01212021UL,0x8C808C0CUL,0x0B13181BUL,0x4F535C1FUL,
+0x47737437UL,0x44505414UL,0x82B2B032UL,0x0D111C1DUL,0x05212425UL,0x4F434C0FUL,0x00000000UL,0x46424406UL,
+0xCDE1EC2DUL,0x48505818UL,0x42525012UL,0xCBE3E82BUL,0x4E727C3EUL,0xCAD2D81AUL,0xC9C1C809UL,0xCDF1FC3DUL,
+0x00303030UL,0x85919415UL,0x45616425UL,0x0C303C3CUL,0x86B2B436UL,0xC4E0E424UL,0x8BB3B83BUL,0x4C707C3CUL,
+0x0E020C0EUL,0x40505010UL,0x09313839UL,0x06222426UL,0x02323032UL,0x84808404UL,0x49616829UL,0x83939013UL,
+0x07333437UL,0xC7E3E427UL,0x04202424UL,0x84A0A424UL,0xCBC3C80BUL,0x43535013UL,0x0A02080AUL,0x87838407UL,
+0xC9D1D819UL,0x4C404C0CUL,0x83838003UL,0x8F838C0FUL,0xCEC2CC0EUL,0x0B33383BUL,0x4A42480AUL,0x87B3B437UL
+};
+
+static const ulong32 KCi[16] = {
+0x9E3779B9,0x3C6EF373,
+0x78DDE6E6,0xF1BBCDCC,
+0xE3779B99,0xC6EF3733,
+0x8DDE6E67,0x1BBCDCCF,
+0x3779B99E,0x6EF3733C,
+0xDDE6E678,0xBBCDCCF1,
+0x779B99E3,0xEF3733C6,
+0xDE6E678D,0xBCDCCF1B
+};
+
+#define G(x) (SS3[((x)>>24)&255] ^ SS2[((x)>>16)&255] ^ SS1[((x)>>8)&255] ^ SS0[(x)&255])
+
+#define F(L1, L2, R1, R2, K1, K2) \
+   T2 = G((R1 ^ K1) ^ (R2 ^ K2)); \
+   T = G( G(T2 + (R1 ^ K1)) + T2); \
+   L2 ^= T; \
+   L1 ^= (T + G(T2 + (R1 ^ K1))); \
+
+ /**
+    Initialize the SEED block cipher
+    @param key The symmetric key you wish to pass
+    @param keylen The key length in bytes
+    @param num_rounds The number of rounds desired (0 for default)
+    @param skey The key in as scheduled by this function.
+    @return CRYPT_OK if successful
+ */
+int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
+{
+    int     i;
+    ulong32 tmp, k1, k2, k3, k4;
+
+    if (keylen != 16) {
+       return CRYPT_INVALID_KEYSIZE;
+    }
+   
+    if (num_rounds != 16 && num_rounds != 0) {
+       return CRYPT_INVALID_ROUNDS;
+    }
+
+    /* load key */
+    LOAD32H(k1, key);
+    LOAD32H(k2, key+4);
+    LOAD32H(k3, key+8);
+    LOAD32H(k4, key+12);
+
+    for (i = 0; i < 16; i++) {
+       skey->kseed.K[2*i+0] = G(k1 + k3 - KCi[i]);
+       skey->kseed.K[2*i+1] = G(k2 - k4 + KCi[i]);
+       if (i&1) {
+          tmp = k3;
+          k3 = ((k3 << 8) | (k4 >> 24)) & 0xFFFFFFFF;
+          k4 = ((k4 << 8) | (tmp >> 24)) & 0xFFFFFFFF;
+       } else {
+          tmp = k1;
+          k1 = ((k1 >> 8) | (k2 << 24)) & 0xFFFFFFFF;
+          k2 = ((k2 >> 8) | (tmp << 24)) & 0xFFFFFFFF;
+      }
+      /* reverse keys for decrypt */
+      skey->kseed.dK[2*(15-i)+0] = skey->kseed.K[2*i+0];
+      skey->kseed.dK[2*(15-i)+1] = skey->kseed.K[2*i+1];
+    }
+
+    return CRYPT_OK;
+}
+
+static void rounds(ulong32 *P, ulong32 *K)
+{
+   ulong32 T, T2;
+   int     i;
+   for (i = 0; i < 16; i += 2) {
+     F(P[0], P[1], P[2], P[3], K[0], K[1]);
+     F(P[2], P[3], P[0], P[1], K[2], K[3]);
+     K += 4;
+   }
+}
+
+/**
+  Encrypts a block of text with SEED
+  @param pt The input plaintext (16 bytes)
+  @param ct The output ciphertext (16 bytes)
+  @param skey The key as scheduled
+  @return CRYPT_OK if successful
+*/
+int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+{
+   ulong32 P[4];
+   LOAD32H(P[0], pt);
+   LOAD32H(P[1], pt+4);
+   LOAD32H(P[2], pt+8);
+   LOAD32H(P[3], pt+12);
+   rounds(P, skey->kseed.K);
+   STORE32H(P[2], ct);
+   STORE32H(P[3], ct+4);
+   STORE32H(P[0], ct+8);
+   STORE32H(P[1], ct+12);
+   return CRYPT_OK;
+}
+
+/**
+  Decrypts a block of text with SEED
+  @param ct The input ciphertext (16 bytes)
+  @param pt The output plaintext (16 bytes)
+  @param skey The key as scheduled 
+  @return CRYPT_OK if successful
+*/
+int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+{
+   ulong32 P[4];
+   LOAD32H(P[0], ct);
+   LOAD32H(P[1], ct+4);
+   LOAD32H(P[2], ct+8);
+   LOAD32H(P[3], ct+12);
+   rounds(P, skey->kseed.dK);
+   STORE32H(P[2], pt);
+   STORE32H(P[3], pt+4);
+   STORE32H(P[0], pt+8);
+   STORE32H(P[1], pt+12);
+   return CRYPT_OK;
+}
+
+/** Terminate the context 
+   @param skey    The scheduled key
+*/
+void kseed_done(symmetric_key *skey)
+{
+}
+
+/**
+  Performs a self-test of the SEED block cipher
+  @return CRYPT_OK if functional, CRYPT_NOP if self-test has been disabled
+*/
+int kseed_test(void)
+{
+#if !defined(LTC_TEST)
+  return CRYPT_NOP;
+#else
+  static const struct test {
+     unsigned char pt[16], ct[16], key[16];
+  } tests[] = {
+
+{
+  { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F },
+  { 0x5E,0xBA,0xC6,0xE0,0x05,0x4E,0x16,0x68,0x19,0xAF,0xF1,0xCC,0x6D,0x34,0x6C,0xDB },
+  { 0 },
+},
+
+{
+  { 0 },
+  { 0xC1,0x1F,0x22,0xF2,0x01,0x40,0x50,0x50,0x84,0x48,0x35,0x97,0xE4,0x37,0x0F,0x43 },
+  { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F },
+},
+
+{
+  { 0x83,0xA2,0xF8,0xA2,0x88,0x64,0x1F,0xB9,0xA4,0xE9,0xA5,0xCC,0x2F,0x13,0x1C,0x7D },
+  { 0xEE,0x54,0xD1,0x3E,0xBC,0xAE,0x70,0x6D,0x22,0x6B,0xC3,0x14,0x2C,0xD4,0x0D,0x4A },
+  { 0x47,0x06,0x48,0x08,0x51,0xE6,0x1B,0xE8,0x5D,0x74,0xBF,0xB3,0xFD,0x95,0x61,0x85 },
+},
+
+{
+  { 0xB4,0x1E,0x6B,0xE2,0xEB,0xA8,0x4A,0x14,0x8E,0x2E,0xED,0x84,0x59,0x3C,0x5E,0xC7 },
+  { 0x9B,0x9B,0x7B,0xFC,0xD1,0x81,0x3C,0xB9,0x5D,0x0B,0x36,0x18,0xF4,0x0F,0x51,0x22 },
+  { 0x28,0xDB,0xC3,0xBC,0x49,0xFF,0xD8,0x7D,0xCF,0xA5,0x09,0xB1,0x1D,0x42,0x2B,0xE7 },
+}
+};
+   int x;
+   unsigned char buf[2][16];
+   symmetric_key skey;
+
+   for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+       kseed_setup(tests[x].key, 16, 0, &skey);
+       kseed_ecb_encrypt(tests[x].pt, buf[0], &skey);
+       kseed_ecb_decrypt(buf[0], buf[1], &skey);
+       if (XMEMCMP(buf[0], tests[x].ct, 16) || XMEMCMP(buf[1], tests[x].pt, 16)) {
+          return CRYPT_FAIL_TESTVECTOR;
+       }
+   }
+   return CRYPT_OK;
+#endif
+}
+
+/**
+  Gets suitable key size
+  @param keysize [in/out] The length of the recommended key (in bytes).  This function will store the suitable size back in this variable.
+  @return CRYPT_OK if the input key size is acceptable.
+*/
+int kseed_keysize(int *keysize)
+{
+   LTC_ARGCHK(keysize != NULL);
+   if (*keysize >= 16) {
+      *keysize = 16;
+   } else {
+      return CRYPT_INVALID_KEYSIZE;
+   }
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/ciphers/kseed.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/noekeon.c b/libtomcrypt/src/ciphers/noekeon.c
index e502dfe..f467ff2 100644
--- a/libtomcrypt/src/ciphers/noekeon.c
+++ b/libtomcrypt/src/ciphers/noekeon.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 /**
    @file noekeon.c
@@ -27,7 +27,7 @@ const struct ltc_cipher_descriptor noekeon_desc =
     &noekeon_test,
     &noekeon_done,
     &noekeon_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 static const ulong32 RC[] = {
@@ -107,11 +107,12 @@ int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
   @param pt The input plaintext (16 bytes)
   @param ct The output ciphertext (16 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+static int _noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #else
-void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #endif
 {
    ulong32 a,b,c,d,temp;
@@ -142,13 +143,16 @@ void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
    
    STORE32H(a,&ct[0]); STORE32H(b,&ct[4]);
    STORE32H(c,&ct[8]); STORE32H(d,&ct[12]);
+
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
-   _noekeon_ecb_encrypt(pt, ct, skey);
+   int err = _noekeon_ecb_encrypt(pt, ct, skey);
    burn_stack(sizeof(ulong32) * 5 + sizeof(int));
+   return CRYPT_OK;
 }
 #endif
 
@@ -157,11 +161,12 @@ void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
   @param ct The input ciphertext (16 bytes)
   @param pt The output plaintext (16 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+static int _noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #else
-void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #endif
 {
    ulong32 a,b,c,d, temp;
@@ -192,13 +197,15 @@ void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
    a ^= RC[0];
    STORE32H(a,&pt[0]); STORE32H(b, &pt[4]);
    STORE32H(c,&pt[8]); STORE32H(d, &pt[12]);
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
-   _noekeon_ecb_decrypt(ct, pt, skey);
+   int err = _noekeon_ecb_decrypt(ct, pt, skey);
    burn_stack(sizeof(ulong32) * 5 + sizeof(int));
+   return err;
 }
 #endif
 
@@ -235,10 +242,10 @@ int noekeon_test(void)
   
     noekeon_ecb_encrypt(tests[i].pt, tmp[0], &key);
     noekeon_ecb_decrypt(tmp[0], tmp[1], &key);
-    if (memcmp(tmp[0], tests[i].ct, 16) || memcmp(tmp[1], tests[i].pt, 16)) { 
+    if (XMEMCMP(tmp[0], tests[i].ct, 16) || XMEMCMP(tmp[1], tests[i].pt, 16)) { 
 #if 0
        printf("\n\nTest %d failed\n", i);
-       if (memcmp(tmp[0], tests[i].ct, 16)) {
+       if (XMEMCMP(tmp[0], tests[i].ct, 16)) {
           printf("CT: ");
           for (i = 0; i < 16; i++) {
              printf("%02x ", tmp[0][i]);
@@ -292,5 +299,5 @@ int noekeon_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/noekeon.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/rc2.c b/libtomcrypt/src/ciphers/rc2.c
index e91f83a..de62cda 100644
--- a/libtomcrypt/src/ciphers/rc2.c
+++ b/libtomcrypt/src/ciphers/rc2.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 /**********************************************************************\
 * To commemorate the 1996 RSA Data Security Conference, the following  *
@@ -36,7 +36,7 @@ const struct ltc_cipher_descriptor rc2_desc = {
    &rc2_test,
    &rc2_done,
    &rc2_keysize,
-   NULL, NULL, NULL, NULL, NULL, NULL, NULL
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 /* 256-entry permutation table, probably derived somehow from pi */
@@ -125,13 +125,14 @@ int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
   @param pt The input plaintext (8 bytes)
   @param ct The output ciphertext (8 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _rc2_ecb_encrypt( const unsigned char *pt,
+static int _rc2_ecb_encrypt( const unsigned char *pt,
                             unsigned char *ct,
                             symmetric_key *skey)
 #else
-void rc2_ecb_encrypt( const unsigned char *pt,
+int rc2_ecb_encrypt( const unsigned char *pt,
                             unsigned char *ct,
                             symmetric_key *skey)
 #endif
@@ -179,15 +180,18 @@ void rc2_ecb_encrypt( const unsigned char *pt,
     ct[5] = (unsigned char)(x54 >> 8);
     ct[6] = (unsigned char)x76;
     ct[7] = (unsigned char)(x76 >> 8);
+ 
+    return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void rc2_ecb_encrypt( const unsigned char *pt,
+int rc2_ecb_encrypt( const unsigned char *pt,
                             unsigned char *ct,
                             symmetric_key *skey)
 {
-    _rc2_ecb_encrypt(pt, ct, skey);
+    int err = _rc2_ecb_encrypt(pt, ct, skey);
     burn_stack(sizeof(unsigned *) + sizeof(unsigned) * 5);
+    return err;
 }
 #endif
 
@@ -199,13 +203,14 @@ void rc2_ecb_encrypt( const unsigned char *pt,
   @param ct The input ciphertext (8 bytes)
   @param pt The output plaintext (8 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _rc2_ecb_decrypt( const unsigned char *ct,
+static int _rc2_ecb_decrypt( const unsigned char *ct,
                             unsigned char *pt,
                             symmetric_key *skey)
 #else
-void rc2_ecb_decrypt( const unsigned char *ct,
+int rc2_ecb_decrypt( const unsigned char *ct,
                             unsigned char *pt,
                             symmetric_key *skey)
 #endif
@@ -254,15 +259,18 @@ void rc2_ecb_decrypt( const unsigned char *ct,
     pt[5] = (unsigned char)(x54 >> 8);
     pt[6] = (unsigned char)x76;
     pt[7] = (unsigned char)(x76 >> 8);
+
+    return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void rc2_ecb_decrypt( const unsigned char *ct,
+int rc2_ecb_decrypt( const unsigned char *ct,
                             unsigned char *pt,
                             symmetric_key *skey)
 {
-    _rc2_ecb_decrypt(ct, pt, skey);
+    int err = _rc2_ecb_decrypt(ct, pt, skey);
     burn_stack(sizeof(unsigned *) + sizeof(unsigned) * 4 + sizeof(int));
+    return err;
 }
 #endif
 
@@ -307,7 +315,7 @@ int rc2_test(void)
         rc2_ecb_encrypt(tests[x].pt, tmp[0], &skey);
         rc2_ecb_decrypt(tmp[0], tmp[1], &skey);
         
-        if (memcmp(tmp[0], tests[x].ct, 8) != 0 || memcmp(tmp[1], tests[x].pt, 8) != 0) {
+        if (XMEMCMP(tmp[0], tests[x].ct, 8) != 0 || XMEMCMP(tmp[1], tests[x].pt, 8) != 0) {
            return CRYPT_FAIL_TESTVECTOR;
         }
 
@@ -350,5 +358,5 @@ int rc2_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/rc2.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/rc5.c b/libtomcrypt/src/ciphers/rc5.c
index 9465ac8..2d5fdb8 100644
--- a/libtomcrypt/src/ciphers/rc5.c
+++ b/libtomcrypt/src/ciphers/rc5.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -29,7 +29,7 @@ const struct ltc_cipher_descriptor rc5_desc =
     &rc5_test,
     &rc5_done,
     &rc5_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 static const ulong32 stab[50] = {
@@ -123,11 +123,12 @@ int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
   @param pt The input plaintext (8 bytes)
   @param ct The output ciphertext (8 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+static int _rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #else
-void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #endif
 {
    ulong32 A, B, *K;
@@ -159,13 +160,16 @@ void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
    }
    STORE32L(A, &ct[0]);
    STORE32L(B, &ct[4]);
+
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
-   _rc5_ecb_encrypt(pt, ct, skey);
+   int err = _rc5_ecb_encrypt(pt, ct, skey);
    burn_stack(sizeof(ulong32) * 2 + sizeof(int));
+   return err;
 }
 #endif
 
@@ -174,11 +178,12 @@ void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
   @param ct The input ciphertext (8 bytes)
   @param pt The output plaintext (8 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+static int _rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #else
-void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #endif
 {
    ulong32 A, B, *K;
@@ -211,13 +216,16 @@ void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
    B -= skey->rc5.K[1];
    STORE32L(A, &pt[0]);
    STORE32L(B, &pt[4]);
+
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
-   _rc5_ecb_decrypt(ct, pt, skey);
+   int err = _rc5_ecb_decrypt(ct, pt, skey);
    burn_stack(sizeof(ulong32) * 2 + sizeof(int));
+   return err;
 }
 #endif
 
@@ -267,7 +275,7 @@ int rc5_test(void)
       rc5_ecb_decrypt(tmp[0], tmp[1], &key);
 
       /* compare */
-      if (memcmp(tmp[0], tests[x].ct, 8) != 0 || memcmp(tmp[1], tests[x].pt, 8) != 0) {
+      if (XMEMCMP(tmp[0], tests[x].ct, 8) != 0 || XMEMCMP(tmp[1], tests[x].pt, 8) != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
 
@@ -310,5 +318,5 @@ int rc5_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/rc5.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/rc6.c b/libtomcrypt/src/ciphers/rc6.c
index ae6f114..8afa033 100644
--- a/libtomcrypt/src/ciphers/rc6.c
+++ b/libtomcrypt/src/ciphers/rc6.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor rc6_desc =
     &rc6_test,
     &rc6_done,
     &rc6_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 static const ulong32 stab[44] = {
@@ -120,9 +120,9 @@ int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_ke
   @param skey The key as scheduled
 */
 #ifdef LTC_CLEAN_STACK
-static void _rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+static int _rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #else
-void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #endif
 {
    ulong32 a,b,c,d,t,u, *K;
@@ -155,13 +155,15 @@ void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
    a += skey->rc6.K[42];
    c += skey->rc6.K[43];
    STORE32L(a,&ct[0]);STORE32L(b,&ct[4]);STORE32L(c,&ct[8]);STORE32L(d,&ct[12]);
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
-   _rc6_ecb_encrypt(pt, ct, skey);
+   int err = _rc6_ecb_encrypt(pt, ct, skey);
    burn_stack(sizeof(ulong32) * 6 + sizeof(int));
+   return err;
 }
 #endif
 
@@ -172,9 +174,9 @@ void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *
   @param skey The key as scheduled 
 */
 #ifdef LTC_CLEAN_STACK
-static void _rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+static int _rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #else
-void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #endif
 {
    ulong32 a,b,c,d,t,u, *K;
@@ -208,13 +210,16 @@ void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *
    b -= skey->rc6.K[0];
    d -= skey->rc6.K[1];
    STORE32L(a,&pt[0]);STORE32L(b,&pt[4]);STORE32L(c,&pt[8]);STORE32L(d,&pt[12]);
+
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
-   _rc6_ecb_decrypt(ct, pt, skey);
+   int err = _rc6_ecb_decrypt(ct, pt, skey);
    burn_stack(sizeof(ulong32) * 6 + sizeof(int));
+   return err;
 }
 #endif
 
@@ -280,17 +285,17 @@ int rc6_test(void)
       rc6_ecb_decrypt(tmp[0], tmp[1], &key);
 
       /* compare */
-      if (memcmp(tmp[0], tests[x].ct, 16) || memcmp(tmp[1], tests[x].pt, 16)) {
+      if (XMEMCMP(tmp[0], tests[x].ct, 16) || XMEMCMP(tmp[1], tests[x].pt, 16)) {
 #if 0
          printf("\n\nFailed test %d\n", x);
-         if (memcmp(tmp[0], tests[x].ct, 16)) {
+         if (XMEMCMP(tmp[0], tests[x].ct, 16)) {
             printf("Ciphertext:  ");
             for (y = 0; y < 16; y++) printf("%02x ", tmp[0][y]);
             printf("\nExpected  :  ");
             for (y = 0; y < 16; y++) printf("%02x ", tests[x].ct[y]);
             printf("\n");
          }
-         if (memcmp(tmp[1], tests[x].pt, 16)) {
+         if (XMEMCMP(tmp[1], tests[x].pt, 16)) {
             printf("Plaintext:  ");
             for (y = 0; y < 16; y++) printf("%02x ", tmp[0][y]);
             printf("\nExpected :  ");
@@ -339,5 +344,5 @@ int rc6_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/rc6.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/safer/safer.c b/libtomcrypt/src/ciphers/safer/safer.c
index bad00a0..9fdaf37 100644
--- a/libtomcrypt/src/ciphers/safer/safer.c
+++ b/libtomcrypt/src/ciphers/safer/safer.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /*******************************************************************************
@@ -42,7 +42,7 @@ const struct ltc_cipher_descriptor
    &safer_k64_test,
    &safer_done,
    &safer_64_keysize,
-   NULL, NULL, NULL, NULL, NULL, NULL, NULL
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
    },
 
    safer_sk64_desc = {
@@ -54,7 +54,7 @@ const struct ltc_cipher_descriptor
    &safer_sk64_test,
    &safer_done,
    &safer_64_keysize,
-   NULL, NULL, NULL, NULL, NULL, NULL, NULL
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
    },
 
    safer_k128_desc = {
@@ -66,7 +66,7 @@ const struct ltc_cipher_descriptor
    &safer_sk128_test,
    &safer_done,
    &safer_128_keysize,
-   NULL, NULL, NULL, NULL, NULL, NULL, NULL
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
    },
 
    safer_sk128_desc = {
@@ -78,7 +78,7 @@ const struct ltc_cipher_descriptor
    &safer_sk128_test,
    &safer_done,
    &safer_128_keysize,
-   NULL, NULL, NULL, NULL, NULL, NULL, NULL
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
    };
 
 /******************* Constants ************************************************/
@@ -246,11 +246,11 @@ int safer_sk128_setup(const unsigned char *key, int keylen, int numrounds, symme
 }
 
 #ifdef LTC_CLEAN_STACK
-static void _safer_ecb_encrypt(const unsigned char *block_in,
+static int _safer_ecb_encrypt(const unsigned char *block_in,
                              unsigned char *block_out,
                              symmetric_key *skey)
 #else
-void safer_ecb_encrypt(const unsigned char *block_in,
+int safer_ecb_encrypt(const unsigned char *block_in,
                              unsigned char *block_out,
                              symmetric_key *skey)
 #endif
@@ -285,24 +285,26 @@ void safer_ecb_encrypt(const unsigned char *block_in,
     block_out[2] = c & 0xFF; block_out[3] = d & 0xFF;
     block_out[4] = e & 0xFF; block_out[5] = f & 0xFF;
     block_out[6] = g & 0xFF; block_out[7] = h & 0xFF;
+    return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void safer_ecb_encrypt(const unsigned char *block_in,
+int safer_ecb_encrypt(const unsigned char *block_in,
                              unsigned char *block_out,
                              symmetric_key *skey)
 {
-    _safer_ecb_encrypt(block_in, block_out, skey);
+    int err = _safer_ecb_encrypt(block_in, block_out, skey);
     burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *));
+    return err;
 }
 #endif
 
 #ifdef LTC_CLEAN_STACK
-static void _safer_ecb_decrypt(const unsigned char *block_in,
+static int _safer_ecb_decrypt(const unsigned char *block_in,
                              unsigned char *block_out,
                              symmetric_key *skey)
 #else
-void safer_ecb_decrypt(const unsigned char *block_in,
+int safer_ecb_decrypt(const unsigned char *block_in,
                              unsigned char *block_out,
                              symmetric_key *skey)
 #endif
@@ -338,15 +340,17 @@ void safer_ecb_decrypt(const unsigned char *block_in,
     block_out[2] = c & 0xFF; block_out[3] = d & 0xFF;
     block_out[4] = e & 0xFF; block_out[5] = f & 0xFF;
     block_out[6] = g & 0xFF; block_out[7] = h & 0xFF;
+    return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void safer_ecb_decrypt(const unsigned char *block_in,
+int safer_ecb_decrypt(const unsigned char *block_in,
                              unsigned char *block_out,
                              symmetric_key *skey)
 {
-    _safer_ecb_decrypt(block_in, block_out, skey);
+    int err = _safer_ecb_decrypt(block_in, block_out, skey);
     burn_stack(sizeof(unsigned char) * 9 + sizeof(unsigned int) + sizeof(unsigned char *));
+    return err;
 }
 #endif
 
@@ -392,7 +396,7 @@ int safer_k64_test(void)
    safer_ecb_encrypt(k64_pt, buf[0], &skey);
    safer_ecb_decrypt(buf[0], buf[1], &skey);
 
-   if (memcmp(buf[0], k64_ct, 8) != 0 || memcmp(buf[1], k64_pt, 8) != 0) {
+   if (XMEMCMP(buf[0], k64_ct, 8) != 0 || XMEMCMP(buf[1], k64_pt, 8) != 0) {
       return CRYPT_FAIL_TESTVECTOR;
    }
 
@@ -422,7 +426,7 @@ int safer_sk64_test(void)
    safer_ecb_encrypt(sk64_pt, buf[0], &skey);
    safer_ecb_decrypt(buf[0], buf[1], &skey);
 
-   if (memcmp(buf[0], sk64_ct, 8) != 0 || memcmp(buf[1], sk64_pt, 8) != 0) {
+   if (XMEMCMP(buf[0], sk64_ct, 8) != 0 || XMEMCMP(buf[1], sk64_pt, 8) != 0) {
       return CRYPT_FAIL_TESTVECTOR;
    }
 
@@ -464,7 +468,7 @@ int safer_sk128_test(void)
    safer_ecb_encrypt(sk128_pt, buf[0], &skey);
    safer_ecb_decrypt(buf[0], buf[1], &skey);
 
-   if (memcmp(buf[0], sk128_ct, 8) != 0 || memcmp(buf[1], sk128_pt, 8) != 0) {
+   if (XMEMCMP(buf[0], sk128_ct, 8) != 0 || XMEMCMP(buf[1], sk128_pt, 8) != 0) {
       return CRYPT_FAIL_TESTVECTOR;
    }
 
@@ -483,5 +487,5 @@ int safer_sk128_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/safer/safer.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.13 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/safer/safer_tab.c b/libtomcrypt/src/ciphers/safer/safer_tab.c
index 47fbd1c..a542768 100644
--- a/libtomcrypt/src/ciphers/safer/safer_tab.c
+++ b/libtomcrypt/src/ciphers/safer/safer_tab.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -64,5 +64,5 @@ const unsigned char safer_lbox[256] = {
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/safer/safer_tab.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/ciphers/safer/saferp.c b/libtomcrypt/src/ciphers/safer/saferp.c
index 6d0d589..dff4ee9 100644
--- a/libtomcrypt/src/ciphers/safer/saferp.c
+++ b/libtomcrypt/src/ciphers/safer/saferp.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor saferp_desc =
     &saferp_test,
     &saferp_done,
     &saferp_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 /* ROUND(b,i) 
@@ -329,8 +329,9 @@ int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric
   @param pt The input plaintext (16 bytes)
   @param ct The output ciphertext (16 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
-void saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
    unsigned char b[16];
    int x;
@@ -384,6 +385,7 @@ void saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_ke
 #ifdef LTC_CLEAN_STACK
    zeromem(b, sizeof(b));
 #endif
+   return CRYPT_OK;
 }
 
 /**
@@ -391,8 +393,9 @@ void saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_ke
   @param ct The input ciphertext (16 bytes)
   @param pt The output plaintext (16 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
-void saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
    unsigned char b[16];
    int x;
@@ -446,6 +449,7 @@ void saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_ke
 #ifdef LTC_CLEAN_STACK
    zeromem(b, sizeof(b));
 #endif
+   return CRYPT_OK;
 }
 
 /**
@@ -503,7 +507,7 @@ int saferp_test(void)
       saferp_ecb_decrypt(tmp[0], tmp[1], &skey);
 
       /* compare */
-      if (memcmp(tmp[0], tests[i].ct, 16) || memcmp(tmp[1], tests[i].pt, 16)) { 
+      if (XMEMCMP(tmp[0], tests[i].ct, 16) || XMEMCMP(tmp[1], tests[i].pt, 16)) { 
          return CRYPT_FAIL_TESTVECTOR;
       }
 
@@ -551,5 +555,5 @@ int saferp_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/safer/saferp.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/skipjack.c b/libtomcrypt/src/ciphers/skipjack.c
index 4cb3bf2..3e0b576 100644
--- a/libtomcrypt/src/ciphers/skipjack.c
+++ b/libtomcrypt/src/ciphers/skipjack.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor skipjack_desc =
     &skipjack_test,
     &skipjack_done,
     &skipjack_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 static const unsigned char sbox[256] = {
@@ -138,11 +138,12 @@ static unsigned ig_func(unsigned w, int *kp, unsigned char *key)
   @param pt The input plaintext (8 bytes)
   @param ct The output ciphertext (8 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+static int _skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #else
-void skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #endif
 {
    unsigned w1,w2,w3,w4,tmp,tmp1;
@@ -183,13 +184,16 @@ void skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
    ct[2] = (w2>>8)&255; ct[3] = w2&255;
    ct[4] = (w3>>8)&255; ct[5] = w3&255;
    ct[6] = (w4>>8)&255; ct[7] = w4&255;
+
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
-   _skipjack_ecb_encrypt(pt, ct, skey);
+   int err = _skipjack_ecb_encrypt(pt, ct, skey);
    burn_stack(sizeof(unsigned) * 8 + sizeof(int) * 2);
+   return err;
 }
 #endif
 
@@ -198,11 +202,12 @@ void skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_
   @param ct The input ciphertext (8 bytes)
   @param pt The output plaintext (8 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+static int _skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #else
-void skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #endif
 {
    unsigned w1,w2,w3,w4,tmp;
@@ -247,13 +252,16 @@ void skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_
    pt[2] = (w2>>8)&255; pt[3] = w2&255;
    pt[4] = (w3>>8)&255; pt[5] = w3&255;
    pt[6] = (w4>>8)&255; pt[7] = w4&255;
+
+   return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
-   _skipjack_ecb_decrypt(ct, pt, skey);
+   int err = _skipjack_ecb_decrypt(ct, pt, skey);
    burn_stack(sizeof(unsigned) * 7 + sizeof(int) * 2);
+   return err;
 }
 #endif
 
@@ -290,7 +298,7 @@ int skipjack_test(void)
       skipjack_ecb_decrypt(buf[0], buf[1], &key);
 
       /* compare */
-      if (memcmp(buf[0], tests[x].ct, 8) != 0 || memcmp(buf[1], tests[x].pt, 8) != 0) {
+      if (XMEMCMP(buf[0], tests[x].ct, 8) != 0 || XMEMCMP(buf[1], tests[x].pt, 8) != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
 
@@ -331,5 +339,5 @@ int skipjack_keysize(int *keysize)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/skipjack.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/ciphers/twofish/twofish.c b/libtomcrypt/src/ciphers/twofish/twofish.c
index f147bab..9e6d0d4 100644
--- a/libtomcrypt/src/ciphers/twofish/twofish.c
+++ b/libtomcrypt/src/ciphers/twofish/twofish.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
  /** 
@@ -35,7 +35,7 @@ const struct ltc_cipher_descriptor twofish_desc =
     &twofish_test,
     &twofish_done,
     &twofish_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 /* the two polynomials */
@@ -414,8 +414,8 @@ int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
    /* make the sboxes (large ram variant) */
    if (k == 2) {
         for (x = 0; x < 256; x++) {
-           tmpx0 = sbox(0, x);
-           tmpx1 = sbox(1, x);
+           tmpx0 = (unsigned char)sbox(0, x);
+           tmpx1 = (unsigned char)sbox(1, x);
            skey->twofish.S[0][x] = mds_column_mult(sbox(1, (sbox(0, tmpx0 ^ S[0]) ^ S[4])),0);
            skey->twofish.S[1][x] = mds_column_mult(sbox(0, (sbox(0, tmpx1 ^ S[1]) ^ S[5])),1);
            skey->twofish.S[2][x] = mds_column_mult(sbox(1, (sbox(1, tmpx0 ^ S[2]) ^ S[6])),2);
@@ -423,8 +423,8 @@ int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
         }
    } else if (k == 3) {
         for (x = 0; x < 256; x++) {
-           tmpx0 = sbox(0, x);
-           tmpx1 = sbox(1, x);
+           tmpx0 = (unsigned char)sbox(0, x);
+           tmpx1 = (unsigned char)sbox(1, x);
            skey->twofish.S[0][x] = mds_column_mult(sbox(1, (sbox(0, sbox(0, tmpx1 ^ S[0]) ^ S[4]) ^ S[8])),0);
            skey->twofish.S[1][x] = mds_column_mult(sbox(0, (sbox(0, sbox(1, tmpx1 ^ S[1]) ^ S[5]) ^ S[9])),1);
            skey->twofish.S[2][x] = mds_column_mult(sbox(1, (sbox(1, sbox(0, tmpx0 ^ S[2]) ^ S[6]) ^ S[10])),2);
@@ -432,8 +432,8 @@ int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
         }
    } else {
         for (x = 0; x < 256; x++) {
-           tmpx0 = sbox(0, x);
-           tmpx1 = sbox(1, x);
+           tmpx0 = (unsigned char)sbox(0, x);
+           tmpx1 = (unsigned char)sbox(1, x);
            skey->twofish.S[0][x] = mds_column_mult(sbox(1, (sbox(0, sbox(0, sbox(1, tmpx1 ^ S[0]) ^ S[4]) ^ S[8]) ^ S[12])),0);
            skey->twofish.S[1][x] = mds_column_mult(sbox(0, (sbox(0, sbox(1, sbox(1, tmpx0 ^ S[1]) ^ S[5]) ^ S[9]) ^ S[13])),1);
            skey->twofish.S[2][x] = mds_column_mult(sbox(1, (sbox(1, sbox(0, sbox(0, tmpx0 ^ S[2]) ^ S[6]) ^ S[10]) ^ S[14])),2);
@@ -467,11 +467,12 @@ int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetri
   @param pt The input plaintext (16 bytes)
   @param ct The output ciphertext (16 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+static int _twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #else
-void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 #endif
 {
     ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k;
@@ -521,13 +522,16 @@ void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
     /* store output */
     STORE32L(ta,&ct[0]); STORE32L(tb,&ct[4]);
     STORE32L(tc,&ct[8]); STORE32L(td,&ct[12]);
+
+    return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
-   _twofish_ecb_encrypt(pt, ct, skey);
+   int err = _twofish_ecb_encrypt(pt, ct, skey);
    burn_stack(sizeof(ulong32) * 10 + sizeof(int));
+   return err;
 }
 #endif
 
@@ -536,11 +540,12 @@ void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_k
   @param ct The input ciphertext (16 bytes)
   @param pt The output plaintext (16 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
 #ifdef LTC_CLEAN_STACK
-static void _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+static int _twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #else
-void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 #endif
 {
     ulong32 a,b,c,d,ta,tb,tc,td,t1,t2, *k;
@@ -593,13 +598,15 @@ void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_k
     /* store */
     STORE32L(a, &pt[0]); STORE32L(b, &pt[4]);
     STORE32L(c, &pt[8]); STORE32L(d, &pt[12]);
+    return CRYPT_OK;
 }
 
 #ifdef LTC_CLEAN_STACK
-void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
-   _twofish_ecb_decrypt(ct, pt, skey);
+   int err =_twofish_ecb_decrypt(ct, pt, skey);
    burn_stack(sizeof(ulong32) * 10 + sizeof(int));
+   return err;
 }
 #endif
 
@@ -656,7 +663,10 @@ int twofish_test(void)
     }
     twofish_ecb_encrypt(tests[i].pt, tmp[0], &key);
     twofish_ecb_decrypt(tmp[0], tmp[1], &key);
-    if (memcmp(tmp[0], tests[i].ct, 16) != 0 || memcmp(tmp[1], tests[i].pt, 16) != 0) {
+    if (XMEMCMP(tmp[0], tests[i].ct, 16) != 0 || XMEMCMP(tmp[1], tests[i].pt, 16) != 0) {
+#if 0
+       printf("Twofish failed test %d, %d, %d\n", i, XMEMCMP(tmp[0], tests[i].ct, 16), XMEMCMP(tmp[1], tests[i].pt, 16));
+#endif
        return CRYPT_FAIL_TESTVECTOR;
     }
       /* now see if we can encrypt all zero bytes 1000 times, decrypt and come back where we started */
@@ -704,5 +714,5 @@ int twofish_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/twofish/twofish.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.14 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/ciphers/twofish/twofish_tab.c b/libtomcrypt/src/ciphers/twofish/twofish_tab.c
index 47d4717..f8a373f 100644
--- a/libtomcrypt/src/ciphers/twofish/twofish_tab.c
+++ b/libtomcrypt/src/ciphers/twofish/twofish_tab.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
  /**
@@ -492,5 +492,5 @@ static const ulong32 rs_tab7[256] = {
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/twofish/twofish_tab.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/ciphers/xtea.c b/libtomcrypt/src/ciphers/xtea.c
index a45a13a..ac73400 100644
--- a/libtomcrypt/src/ciphers/xtea.c
+++ b/libtomcrypt/src/ciphers/xtea.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -28,7 +28,7 @@ const struct ltc_cipher_descriptor xtea_desc =
     &xtea_test,
     &xtea_done,
     &xtea_keysize,
-    NULL, NULL, NULL, NULL, NULL, NULL, NULL
+    NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL
 };
 
 int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey)
@@ -71,8 +71,9 @@ int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_k
   @param pt The input plaintext (8 bytes)
   @param ct The output ciphertext (8 bytes)
   @param skey The key as scheduled
+  @return CRYPT_OK if successful
 */
-void xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
+int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey)
 {
    unsigned long y, z;
    int r;
@@ -98,6 +99,7 @@ void xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
    }
    STORE32L(y, &ct[0]);
    STORE32L(z, &ct[4]);
+   return CRYPT_OK;
 }
 
 /**
@@ -105,8 +107,9 @@ void xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key
   @param ct The input ciphertext (8 bytes)
   @param pt The output plaintext (8 bytes)
   @param skey The key as scheduled 
+  @return CRYPT_OK if successful
 */
-void xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
+int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey)
 {
    unsigned long y, z;
    int r;
@@ -132,6 +135,7 @@ void xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key
    }
    STORE32L(y, &pt[0]);
    STORE32L(z, &pt[4]);
+   return CRYPT_OK;
 }
 
 /**
@@ -160,7 +164,7 @@ int xtea_test(void)
    xtea_ecb_encrypt(pt, tmp[0], &skey);
    xtea_ecb_decrypt(tmp[0], tmp[1], &skey);
 
-   if (memcmp(tmp[0], ct, 8) != 0 || memcmp(tmp[1], pt, 8) != 0) { 
+   if (XMEMCMP(tmp[0], ct, 8) != 0 || XMEMCMP(tmp[1], pt, 8) != 0) { 
       return CRYPT_FAIL_TESTVECTOR;
    }
 
@@ -203,5 +207,5 @@ int xtea_keysize(int *keysize)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/ciphers/xtea.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/encauth/ccm/ccm_memory.c b/libtomcrypt/src/encauth/ccm/ccm_memory.c
index 48dc4b7..c5eee18 100644
--- a/libtomcrypt/src/encauth/ccm/ccm_memory.c
+++ b/libtomcrypt/src/encauth/ccm/ccm_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -22,6 +22,7 @@
    @param cipher     The index of the cipher desired
    @param key        The secret key to use
    @param keylen     The length of the secret key (octets)
+   @param uskey      A previously scheduled key [optional can be NULL]
    @param nonce      The session nonce [use once]
    @param noncelen   The length of the nonce
    @param header     The header for the session
@@ -36,6 +37,7 @@
 */
 int ccm_memory(int cipher,
     const unsigned char *key,    unsigned long keylen,
+    symmetric_key       *uskey,
     const unsigned char *nonce,  unsigned long noncelen,
     const unsigned char *header, unsigned long headerlen,
           unsigned char *pt,     unsigned long ptlen,
@@ -48,7 +50,9 @@ int ccm_memory(int cipher,
    int            err;
    unsigned long  len, L, x, y, z, CTRlen;
 
-   LTC_ARGCHK(key    != NULL);
+   if (uskey == NULL) {
+      LTC_ARGCHK(key    != NULL);
+   }
    LTC_ARGCHK(nonce  != NULL);
    if (headerlen > 0) {
       LTC_ARGCHK(header != NULL);
@@ -85,15 +89,15 @@ int ccm_memory(int cipher,
 
    /* is there an accelerator? */
    if (cipher_descriptor[cipher].accel_ccm_memory != NULL) {
-       cipher_descriptor[cipher].accel_ccm_memory(
+       return cipher_descriptor[cipher].accel_ccm_memory(
            key,    keylen,
+           uskey,
            nonce,  noncelen,
            header, headerlen,
            pt,     ptlen,
            ct, 
            tag,    taglen,
            direction);
-      return CRYPT_OK;
    }
 
    /* let's get the L value */
@@ -113,23 +117,32 @@ int ccm_memory(int cipher,
       L = 15 - noncelen;
    }
 
-   /* allocate mem for the symmetric key */
-   skey = XMALLOC(sizeof(*skey));
-   if (skey == NULL) {
-      return CRYPT_MEM;
+   /* decrease noncelen to match L */
+   if ((noncelen + L) > 15) {
+      noncelen = 15 - L;
    }
 
-   /* initialize the cipher */
-   if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, skey)) != CRYPT_OK) {
-      XFREE(skey);
-      return err;
+   /* allocate mem for the symmetric key */
+   if (uskey == NULL) {
+      skey = XMALLOC(sizeof(*skey));
+      if (skey == NULL) {
+         return CRYPT_MEM;
+      }
+
+      /* initialize the cipher */
+      if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, skey)) != CRYPT_OK) {
+         XFREE(skey);
+         return err;
+      }
+   } else {
+      skey = uskey;
    }
 
    /* form B_0 == flags | Nonce N | l(m) */
    x = 0;
-   PAD[x++] = ((headerlen > 0) ? (1<<6) : 0) |
+   PAD[x++] = (unsigned char)(((headerlen > 0) ? (1<<6) : 0) |
             (((*taglen - 2)>>1)<<3)        |
-            (L-1);
+            (L-1));
 
    /* nonce */
    for (y = 0; y < (16 - (L + 1)); y++) {
@@ -149,12 +162,14 @@ int ccm_memory(int cipher,
        PAD[x++] = 0;
    }
    for (; y < L; y++) {
-       PAD[x++] = (len >> 24) & 255;
+       PAD[x++] = (unsigned char)((len >> 24) & 255);
        len <<= 8;
    }
 
    /* encrypt PAD */
-   cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey);
+   if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) {
+       goto error;
+   }
 
    /* handle header */
    if (headerlen > 0) {
@@ -177,7 +192,9 @@ int ccm_memory(int cipher,
       for (y = 0; y < headerlen; y++) {
           if (x == 16) {
              /* full block so let's encrypt it */
-             cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey);
+             if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) {
+                goto error;
+             }
              x = 0;
           }
           PAD[x++] ^= header[y];
@@ -185,7 +202,9 @@ int ccm_memory(int cipher,
 
       /* remainder? */
       if (x != 0) {
-         cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey);
+         if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) {
+            goto error;
+         }
       }
    }
 
@@ -193,7 +212,7 @@ int ccm_memory(int cipher,
    x = 0;
 
    /* flags */
-   ctr[x++] = L-1;
+   ctr[x++] = (unsigned char)L-1;
  
    /* nonce */
    for (y = 0; y < (16 - (L+1)); ++y) {
@@ -219,14 +238,18 @@ int ccm_memory(int cipher,
                     ctr[z] = (ctr[z] + 1) & 255;
                     if (ctr[z]) break;
                 }
-                cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey);
+                if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) {
+                   goto error;
+                }
 
                 /* xor the PT against the pad first */
                 for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) {
                     *((LTC_FAST_TYPE*)(&PAD[z]))  ^= *((LTC_FAST_TYPE*)(&pt[y+z]));
                     *((LTC_FAST_TYPE*)(&ct[y+z])) = *((LTC_FAST_TYPE*)(&pt[y+z])) ^ *((LTC_FAST_TYPE*)(&CTRPAD[z]));
                 }
-                cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey);
+                if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) {
+                   goto error;
+                }
              }
          } else {
              for (; y < (ptlen & ~15); y += 16) {
@@ -235,14 +258,18 @@ int ccm_memory(int cipher,
                     ctr[z] = (ctr[z] + 1) & 255;
                     if (ctr[z]) break;
                 }
-                cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey);
+                if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) {
+                   goto error;
+                }
 
                 /* xor the PT against the pad last */
                 for (z = 0; z < 16; z += sizeof(LTC_FAST_TYPE)) {
                     *((LTC_FAST_TYPE*)(&pt[y+z])) = *((LTC_FAST_TYPE*)(&ct[y+z])) ^ *((LTC_FAST_TYPE*)(&CTRPAD[z]));
                     *((LTC_FAST_TYPE*)(&PAD[z]))  ^= *((LTC_FAST_TYPE*)(&pt[y+z]));
                 }
-                cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey);
+                if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) {
+                   goto error;
+                }
              }
          }
      }
@@ -255,7 +282,9 @@ int ccm_memory(int cipher,
                  ctr[z] = (ctr[z] + 1) & 255;
                  if (ctr[z]) break;
              }
-             cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey);
+             if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) {
+                goto error;
+             }
              CTRlen = 0;
           }
 
@@ -269,21 +298,32 @@ int ccm_memory(int cipher,
           }
 
           if (x == 16) {
-             cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey);
+             if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) {
+                goto error;
+             }
              x = 0;
           }
           PAD[x++] ^= b;
       }
              
       if (x != 0) {
-         cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey);
+         if ((err = cipher_descriptor[cipher].ecb_encrypt(PAD, PAD, skey)) != CRYPT_OK) {
+            goto error;
+         }
       }
    }
 
-   /* setup CTR for the TAG */
-   ctr[14] = ctr[15] = 0x00;
-   cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey);
-   cipher_descriptor[cipher].done(skey);
+   /* setup CTR for the TAG (zero the count) */
+   for (y = 15; y > 15 - L; y--) {
+      ctr[y] = 0x00;
+   }
+   if ((err = cipher_descriptor[cipher].ecb_encrypt(ctr, CTRPAD, skey)) != CRYPT_OK) {
+      goto error;
+   }
+
+   if (skey != uskey) {
+      cipher_descriptor[cipher].done(skey);
+   }
 
    /* store the TAG */
    for (x = 0; x < 16 && x < *taglen; x++) {
@@ -296,14 +336,16 @@ int ccm_memory(int cipher,
    zeromem(PAD,    sizeof(PAD));
    zeromem(CTRPAD, sizeof(CTRPAD));
 #endif
+error:
+   if (skey != uskey) {
+      XFREE(skey);
+   }
 
-   XFREE(skey);
-
-   return CRYPT_OK;
+   return err;
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ccm/ccm_memory.c,v $ */
-/* $Revision: 1.9 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.18 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/encauth/ccm/ccm_test.c b/libtomcrypt/src/encauth/ccm/ccm_test.c
index c33502a..3a45bfb 100644
--- a/libtomcrypt/src/encauth/ccm/ccm_test.c
+++ b/libtomcrypt/src/encauth/ccm/ccm_test.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -116,6 +116,7 @@ int ccm_test(void)
   unsigned long taglen, x;
   unsigned char buf[64], buf2[64], tag2[16], tag[16];
   int           err, idx;
+  symmetric_key skey;
 
   idx = find_cipher("aes");
   if (idx == -1) {
@@ -127,8 +128,13 @@ int ccm_test(void)
 
   for (x = 0; x < (sizeof(tests)/sizeof(tests[0])); x++) {
       taglen = tests[x].taglen;
+      if ((err = cipher_descriptor[idx].setup(tests[x].key, 16, 0, &skey)) != CRYPT_OK) {
+         return err;
+      }
+      
       if ((err = ccm_memory(idx,
                             tests[x].key, 16,
+                            &skey,
                             tests[x].nonce, tests[x].noncelen,
                             tests[x].header, tests[x].headerlen,
                             (unsigned char*)tests[x].pt, tests[x].ptlen,
@@ -137,31 +143,31 @@ int ccm_test(void)
          return err;
       }
 
-      if (memcmp(buf, tests[x].ct, tests[x].ptlen)) {
+      if (XMEMCMP(buf, tests[x].ct, tests[x].ptlen)) {
          return CRYPT_FAIL_TESTVECTOR;
       }
-      if (memcmp(tag, tests[x].tag, tests[x].taglen)) {
+      if (XMEMCMP(tag, tests[x].tag, tests[x].taglen)) {
          return CRYPT_FAIL_TESTVECTOR;
       }
 
       if ((err = ccm_memory(idx,
                             tests[x].key, 16,
+                            NULL,
                             tests[x].nonce, tests[x].noncelen,
                             tests[x].header, tests[x].headerlen,
                             buf2, tests[x].ptlen,
                             buf,
-                            tag2, &taglen, 1	)) != CRYPT_OK) {
+                            tag2, &taglen, 1   )) != CRYPT_OK) {
          return err;
       }
 
-     if (memcmp(buf2, tests[x].pt, tests[x].ptlen)) {
+      if (XMEMCMP(buf2, tests[x].pt, tests[x].ptlen)) {
          return CRYPT_FAIL_TESTVECTOR;
       }
-     if (memcmp(tag2, tests[x].tag, tests[x].taglen)) {
+      if (XMEMCMP(tag2, tests[x].tag, tests[x].taglen)) {
          return CRYPT_FAIL_TESTVECTOR;
-     }
- 
-
+      }
+      cipher_descriptor[idx].done(&skey);
   }
   return CRYPT_OK;
 #endif
@@ -170,5 +176,5 @@ int ccm_test(void)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ccm/ccm_test.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/21 00:18:23 $ */
diff --git a/libtomcrypt/src/encauth/eax/eax_addheader.c b/libtomcrypt/src/encauth/eax/eax_addheader.c
index cfb325d..b1054e5 100644
--- a/libtomcrypt/src/encauth/eax/eax_addheader.c
+++ b/libtomcrypt/src/encauth/eax/eax_addheader.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 /** 
     @file eax_addheader.c
@@ -34,5 +34,5 @@ int eax_addheader(eax_state *eax, const unsigned char *header,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_addheader.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/eax/eax_decrypt.c b/libtomcrypt/src/encauth/eax/eax_decrypt.c
index 13e23cc..22a66ab 100644
--- a/libtomcrypt/src/encauth/eax/eax_decrypt.c
+++ b/libtomcrypt/src/encauth/eax/eax_decrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -46,5 +46,5 @@ int eax_decrypt(eax_state *eax, const unsigned char *ct, unsigned char *pt,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_decrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/eax/eax_decrypt_verify_memory.c b/libtomcrypt/src/encauth/eax/eax_decrypt_verify_memory.c
index d6d72ab..693ddfa 100644
--- a/libtomcrypt/src/encauth/eax/eax_decrypt_verify_memory.c
+++ b/libtomcrypt/src/encauth/eax/eax_decrypt_verify_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -84,7 +84,7 @@ int eax_decrypt_verify_memory(int cipher,
    }
 
    /* compare tags */
-   if (buflen >= taglen && memcmp(buf, tag, taglen) == 0) {
+   if (buflen >= taglen && XMEMCMP(buf, tag, taglen) == 0) {
       *stat = 1;
    }
    
@@ -104,5 +104,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_decrypt_verify_memory.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/encauth/eax/eax_done.c b/libtomcrypt/src/encauth/eax/eax_done.c
index 10e2c23..1e02939 100644
--- a/libtomcrypt/src/encauth/eax/eax_done.c
+++ b/libtomcrypt/src/encauth/eax/eax_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -90,5 +90,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_done.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/eax/eax_encrypt.c b/libtomcrypt/src/encauth/eax/eax_encrypt.c
index a646588..dc8bc3d 100644
--- a/libtomcrypt/src/encauth/eax/eax_encrypt.c
+++ b/libtomcrypt/src/encauth/eax/eax_encrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -47,5 +47,5 @@ int eax_encrypt(eax_state *eax, const unsigned char *pt, unsigned char *ct,
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_encrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/eax/eax_encrypt_authenticate_memory.c b/libtomcrypt/src/encauth/eax/eax_encrypt_authenticate_memory.c
index 9760616..e9e52d0 100644
--- a/libtomcrypt/src/encauth/eax/eax_encrypt_authenticate_memory.c
+++ b/libtomcrypt/src/encauth/eax/eax_encrypt_authenticate_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -78,5 +78,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_encrypt_authenticate_memory.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/eax/eax_init.c b/libtomcrypt/src/encauth/eax/eax_init.c
index 942b25f..48512b5 100644
--- a/libtomcrypt/src/encauth/eax/eax_init.c
+++ b/libtomcrypt/src/encauth/eax/eax_init.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -140,5 +140,5 @@ LBL_ERR:
 #endif 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_init.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/eax/eax_test.c b/libtomcrypt/src/encauth/eax/eax_test.c
index b08f5ab..d154271 100644
--- a/libtomcrypt/src/encauth/eax/eax_test.c
+++ b/libtomcrypt/src/encauth/eax/eax_test.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -231,7 +231,7 @@ int eax_test(void)
             tests[x].plaintext, tests[x].msglen, outct, outtag, &len)) != CRYPT_OK) {
            return err;
         }
-        if (memcmp(outct, tests[x].ciphertext, tests[x].msglen) || memcmp(outtag, tests[x].tag, len)) {
+        if (XMEMCMP(outct, tests[x].ciphertext, tests[x].msglen) || XMEMCMP(outtag, tests[x].tag, len)) {
 #if 0
            unsigned long y;
            printf("\n\nFailure: \nCT:\n");
@@ -256,7 +256,7 @@ int eax_test(void)
              outct, tests[x].msglen, outct, outtag, len, &res)) != CRYPT_OK) {
             return err;
         }
-        if ((res != 1) || memcmp(outct, tests[x].plaintext, tests[x].msglen)) {
+        if ((res != 1) || XMEMCMP(outct, tests[x].plaintext, tests[x].msglen)) {
 #if 0
            unsigned long y;
            printf("\n\nFailure (res == %d): \nPT:\n", res);
@@ -278,5 +278,5 @@ int eax_test(void)
 #endif /* EAX_MODE */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/eax/eax_test.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_add_aad.c b/libtomcrypt/src/encauth/gcm/gcm_add_aad.c
index 03cb279..6037c6c 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_add_aad.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_add_aad.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -57,7 +57,7 @@ int gcm_add_aad(gcm_state *gcm,
             gcm->totlen += gcm->buflen * CONST64(8);
             gcm_mult_h(gcm, gcm->X);
          }
- 
+
          /* mix in the length */
          zeromem(gcm->buf, 8);
          STORE64H(gcm->totlen, gcm->buf+8);
@@ -120,5 +120,5 @@ int gcm_add_aad(gcm_state *gcm,
    
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_add_aad.c,v $ */
-/* $Revision: 1.14 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.16 $ */
+/* $Date: 2006/09/23 19:24:21 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_add_iv.c b/libtomcrypt/src/encauth/gcm/gcm_add_iv.c
index 107cf35..44e3167 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_add_iv.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_add_iv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -90,5 +90,5 @@ int gcm_add_iv(gcm_state *gcm,
    
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_add_iv.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_done.c b/libtomcrypt/src/encauth/gcm/gcm_done.c
index 96ef7f3..4cbd09f 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_done.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -62,7 +62,9 @@ int gcm_done(gcm_state *gcm,
    gcm_mult_h(gcm, gcm->X);
 
    /* encrypt original counter */
-   cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y_0, gcm->buf, &gcm->K);
+   if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y_0, gcm->buf, &gcm->K)) != CRYPT_OK) {
+      return err;
+   }
    for (x = 0; x < 16 && x < *taglen; x++) {
        tag[x] = gcm->buf[x] ^ gcm->X[x];
    }
@@ -77,5 +79,5 @@ int gcm_done(gcm_state *gcm,
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_done.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_gf_mult.c b/libtomcrypt/src/encauth/gcm/gcm_gf_mult.c
index 06db22b..52e82dd 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_gf_mult.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_gf_mult.c
@@ -6,17 +6,59 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
    @file gcm_gf_mult.c
-   GCM implementation, initialize state, by Tom St Denis
+   GCM implementation, do the GF mult, by Tom St Denis
 */
 #include "tomcrypt.h"
 
-#ifdef GCM_MODE
+#if defined(GCM_TABLES) || defined(LRW_TABLES) || ((defined(GCM_MODE) || defined(GCM_MODE)) && defined(LTC_FAST))
 
+/* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format.  Since only the 
+ * lower 16 bits are not zero'ed I removed the upper 14 bytes */
+const unsigned char gcm_shift_table[256*2] = {
+0x00, 0x00, 0x01, 0xc2, 0x03, 0x84, 0x02, 0x46, 0x07, 0x08, 0x06, 0xca, 0x04, 0x8c, 0x05, 0x4e,
+0x0e, 0x10, 0x0f, 0xd2, 0x0d, 0x94, 0x0c, 0x56, 0x09, 0x18, 0x08, 0xda, 0x0a, 0x9c, 0x0b, 0x5e,
+0x1c, 0x20, 0x1d, 0xe2, 0x1f, 0xa4, 0x1e, 0x66, 0x1b, 0x28, 0x1a, 0xea, 0x18, 0xac, 0x19, 0x6e,
+0x12, 0x30, 0x13, 0xf2, 0x11, 0xb4, 0x10, 0x76, 0x15, 0x38, 0x14, 0xfa, 0x16, 0xbc, 0x17, 0x7e,
+0x38, 0x40, 0x39, 0x82, 0x3b, 0xc4, 0x3a, 0x06, 0x3f, 0x48, 0x3e, 0x8a, 0x3c, 0xcc, 0x3d, 0x0e,
+0x36, 0x50, 0x37, 0x92, 0x35, 0xd4, 0x34, 0x16, 0x31, 0x58, 0x30, 0x9a, 0x32, 0xdc, 0x33, 0x1e,
+0x24, 0x60, 0x25, 0xa2, 0x27, 0xe4, 0x26, 0x26, 0x23, 0x68, 0x22, 0xaa, 0x20, 0xec, 0x21, 0x2e,
+0x2a, 0x70, 0x2b, 0xb2, 0x29, 0xf4, 0x28, 0x36, 0x2d, 0x78, 0x2c, 0xba, 0x2e, 0xfc, 0x2f, 0x3e,
+0x70, 0x80, 0x71, 0x42, 0x73, 0x04, 0x72, 0xc6, 0x77, 0x88, 0x76, 0x4a, 0x74, 0x0c, 0x75, 0xce,
+0x7e, 0x90, 0x7f, 0x52, 0x7d, 0x14, 0x7c, 0xd6, 0x79, 0x98, 0x78, 0x5a, 0x7a, 0x1c, 0x7b, 0xde,
+0x6c, 0xa0, 0x6d, 0x62, 0x6f, 0x24, 0x6e, 0xe6, 0x6b, 0xa8, 0x6a, 0x6a, 0x68, 0x2c, 0x69, 0xee,
+0x62, 0xb0, 0x63, 0x72, 0x61, 0x34, 0x60, 0xf6, 0x65, 0xb8, 0x64, 0x7a, 0x66, 0x3c, 0x67, 0xfe,
+0x48, 0xc0, 0x49, 0x02, 0x4b, 0x44, 0x4a, 0x86, 0x4f, 0xc8, 0x4e, 0x0a, 0x4c, 0x4c, 0x4d, 0x8e,
+0x46, 0xd0, 0x47, 0x12, 0x45, 0x54, 0x44, 0x96, 0x41, 0xd8, 0x40, 0x1a, 0x42, 0x5c, 0x43, 0x9e,
+0x54, 0xe0, 0x55, 0x22, 0x57, 0x64, 0x56, 0xa6, 0x53, 0xe8, 0x52, 0x2a, 0x50, 0x6c, 0x51, 0xae,
+0x5a, 0xf0, 0x5b, 0x32, 0x59, 0x74, 0x58, 0xb6, 0x5d, 0xf8, 0x5c, 0x3a, 0x5e, 0x7c, 0x5f, 0xbe,
+0xe1, 0x00, 0xe0, 0xc2, 0xe2, 0x84, 0xe3, 0x46, 0xe6, 0x08, 0xe7, 0xca, 0xe5, 0x8c, 0xe4, 0x4e,
+0xef, 0x10, 0xee, 0xd2, 0xec, 0x94, 0xed, 0x56, 0xe8, 0x18, 0xe9, 0xda, 0xeb, 0x9c, 0xea, 0x5e,
+0xfd, 0x20, 0xfc, 0xe2, 0xfe, 0xa4, 0xff, 0x66, 0xfa, 0x28, 0xfb, 0xea, 0xf9, 0xac, 0xf8, 0x6e,
+0xf3, 0x30, 0xf2, 0xf2, 0xf0, 0xb4, 0xf1, 0x76, 0xf4, 0x38, 0xf5, 0xfa, 0xf7, 0xbc, 0xf6, 0x7e,
+0xd9, 0x40, 0xd8, 0x82, 0xda, 0xc4, 0xdb, 0x06, 0xde, 0x48, 0xdf, 0x8a, 0xdd, 0xcc, 0xdc, 0x0e,
+0xd7, 0x50, 0xd6, 0x92, 0xd4, 0xd4, 0xd5, 0x16, 0xd0, 0x58, 0xd1, 0x9a, 0xd3, 0xdc, 0xd2, 0x1e,
+0xc5, 0x60, 0xc4, 0xa2, 0xc6, 0xe4, 0xc7, 0x26, 0xc2, 0x68, 0xc3, 0xaa, 0xc1, 0xec, 0xc0, 0x2e,
+0xcb, 0x70, 0xca, 0xb2, 0xc8, 0xf4, 0xc9, 0x36, 0xcc, 0x78, 0xcd, 0xba, 0xcf, 0xfc, 0xce, 0x3e,
+0x91, 0x80, 0x90, 0x42, 0x92, 0x04, 0x93, 0xc6, 0x96, 0x88, 0x97, 0x4a, 0x95, 0x0c, 0x94, 0xce,
+0x9f, 0x90, 0x9e, 0x52, 0x9c, 0x14, 0x9d, 0xd6, 0x98, 0x98, 0x99, 0x5a, 0x9b, 0x1c, 0x9a, 0xde,
+0x8d, 0xa0, 0x8c, 0x62, 0x8e, 0x24, 0x8f, 0xe6, 0x8a, 0xa8, 0x8b, 0x6a, 0x89, 0x2c, 0x88, 0xee,
+0x83, 0xb0, 0x82, 0x72, 0x80, 0x34, 0x81, 0xf6, 0x84, 0xb8, 0x85, 0x7a, 0x87, 0x3c, 0x86, 0xfe,
+0xa9, 0xc0, 0xa8, 0x02, 0xaa, 0x44, 0xab, 0x86, 0xae, 0xc8, 0xaf, 0x0a, 0xad, 0x4c, 0xac, 0x8e,
+0xa7, 0xd0, 0xa6, 0x12, 0xa4, 0x54, 0xa5, 0x96, 0xa0, 0xd8, 0xa1, 0x1a, 0xa3, 0x5c, 0xa2, 0x9e,
+0xb5, 0xe0, 0xb4, 0x22, 0xb6, 0x64, 0xb7, 0xa6, 0xb2, 0xe8, 0xb3, 0x2a, 0xb1, 0x6c, 0xb0, 0xae,
+0xbb, 0xf0, 0xba, 0x32, 0xb8, 0x74, 0xb9, 0xb6, 0xbc, 0xf8, 0xbd, 0x3a, 0xbf, 0x7c, 0xbe, 0xbe };
+
+#endif
+
+
+#if defined(GCM_MODE) || defined(LRW_MODE)
+
+#ifndef LTC_FAST
 /* right shift */
 static void gcm_rightshift(unsigned char *a)
 {
@@ -33,7 +75,7 @@ static const unsigned char poly[] = { 0x00, 0xE1 };
 
      
 /**
-  GCM GF multiplier (internal use only) 
+  GCM GF multiplier (internal use only)  bitserial
   @param a   First value
   @param b   Second value
   @param c   Destination for a * b
@@ -58,37 +100,122 @@ void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *
    XMEMCPY(c, Z, 16);
 }
 
+#else
+
+/* map normal numbers to "ieee" way ... e.g. bit reversed */
+#define M(x) ( ((x&8)>>3) | ((x&4)>>1) | ((x&2)<<1) | ((x&1)<<3) )
+
+#define BPD (sizeof(LTC_FAST_TYPE) * 8)
+#define WPV (1 + (16 / sizeof(LTC_FAST_TYPE)))
+
 /**
-  GCM multiply by H
-  @param gcm   The GCM state which holds the H value
-  @param I     The value to multiply H by
- */
-void gcm_mult_h(gcm_state *gcm, unsigned char *I)
+  GCM GF multiplier (internal use only)  word oriented
+  @param a   First value
+  @param b   Second value
+  @param c   Destination for a * b
+ */  
+void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *c)
 {
-   unsigned char T[16];
-#ifdef GCM_TABLES
-   int x, y;
-   XMEMCPY(T, &gcm->PC[0][I[0]][0], 16);
-   for (x = 1; x < 16; x++) {
-#ifdef LTC_FAST
-       for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
-           *((LTC_FAST_TYPE *)(T + y)) ^= *((LTC_FAST_TYPE *)(&gcm->PC[x][I[x]][y]));
+   int i, j, k, u;
+   LTC_FAST_TYPE B[16][WPV], tmp[32 / sizeof(LTC_FAST_TYPE)], pB[16 / sizeof(LTC_FAST_TYPE)], zz, z;
+   unsigned char pTmp[32];
+
+   /* create simple tables */
+   zeromem(B[0],       sizeof(B[0]));
+   zeromem(B[M(1)],    sizeof(B[M(1)]));
+
+#ifdef ENDIAN_32BITWORD
+   for (i = 0; i < 4; i++) {
+       LOAD32H(B[M(1)][i], a + (i<<2));
+       LOAD32L(pB[i],      b + (i<<2));
+   }
+#else 
+   for (i = 0; i < 2; i++) {
+       LOAD64H(B[M(1)][i], a + (i<<3));
+       LOAD64L(pB[i],      b + (i<<3));
+   }
+#endif
+
+   /* now create 2, 4 and 8 */
+   B[M(2)][0] = B[M(1)][0] >> 1;
+   B[M(4)][0] = B[M(1)][0] >> 2;
+   B[M(8)][0] = B[M(1)][0] >> 3;
+   for (i = 1; i < (int)WPV; i++) {
+      B[M(2)][i] = (B[M(1)][i-1] << (BPD-1)) | (B[M(1)][i] >> 1);
+      B[M(4)][i] = (B[M(1)][i-1] << (BPD-2)) | (B[M(1)][i] >> 2);
+      B[M(8)][i] = (B[M(1)][i-1] << (BPD-3)) | (B[M(1)][i] >> 3);
+   }
+
+   /*  now all values with two bits which are 3, 5, 6, 9, 10, 12 */
+   for (i = 0; i < (int)WPV; i++) {
+      B[M(3)][i]  = B[M(1)][i] ^ B[M(2)][i];
+      B[M(5)][i]  = B[M(1)][i] ^ B[M(4)][i];
+      B[M(6)][i]  = B[M(2)][i] ^ B[M(4)][i];
+      B[M(9)][i]  = B[M(1)][i] ^ B[M(8)][i];
+      B[M(10)][i] = B[M(2)][i] ^ B[M(8)][i];
+      B[M(12)][i] = B[M(8)][i] ^ B[M(4)][i];
+   
+   /*  now all 3 bit values and the only 4 bit value: 7, 11, 13, 14, 15 */
+      B[M(7)][i]  = B[M(3)][i] ^ B[M(4)][i];
+      B[M(11)][i] = B[M(3)][i] ^ B[M(8)][i];
+      B[M(13)][i] = B[M(1)][i] ^ B[M(12)][i];
+      B[M(14)][i] = B[M(6)][i] ^ B[M(8)][i];
+      B[M(15)][i] = B[M(7)][i] ^ B[M(8)][i];
+   }
+
+   zeromem(tmp, sizeof(tmp));
+
+   /* compute product four bits of each word at a time */
+   /* for each nibble */
+   for (i = (BPD/4)-1; i >= 0; i--) {
+       /* for each word */
+       for (j = 0; j < (int)(WPV-1); j++) {
+        /* grab the 4 bits recall the nibbles are backwards so it's a shift by (i^1)*4 */
+           u = (pB[j] >> ((i^1)<<2)) & 15;
+
+        /* add offset by the word count the table looked up value to the result */
+           for (k = 0; k < (int)WPV; k++) {
+               tmp[k+j] ^= B[u][k];
+           }
        }
-#else
-       for (y = 0; y < 16; y++) {
-           T[y] ^= gcm->PC[x][I[x]][y];
+     /* shift result up by 4 bits */
+       if (i != 0) {
+          for (z = j = 0; j < (int)(32 / sizeof(LTC_FAST_TYPE)); j++) {
+              zz = tmp[j] << (BPD-4);
+              tmp[j] = (tmp[j] >> 4) | z;
+              z = zz;
+          }
        }
-#endif
    }
-#else     
-   gcm_gf_mult(gcm->H, I, T); 
+
+   /* store product */
+#ifdef ENDIAN_32BITWORD
+   for (i = 0; i < 8; i++) {
+       STORE32H(tmp[i], pTmp + (i<<2));
+   }
+#else 
+   for (i = 0; i < 4; i++) {
+       STORE64H(tmp[i], pTmp + (i<<3));
+   }
 #endif
-   XMEMCPY(I, T, 16);
+
+   /* reduce by taking most significant byte and adding the appropriate two byte sequence 16 bytes down */
+   for (i = 31; i >= 16; i--) {
+       pTmp[i-16] ^= gcm_shift_table[((unsigned)pTmp[i]<<1)];
+       pTmp[i-15] ^= gcm_shift_table[((unsigned)pTmp[i]<<1)+1];
+   }
+
+   for (i = 0; i < 16; i++) {
+       c[i] = pTmp[i];
+   }
+
 }
 
+#endif
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_gf_mult.c,v $ */
-/* $Revision: 1.16 $ */
-/* $Date: 2005/05/21 14:33:42 $ */
+/* $Revision: 1.23 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
+ 
diff --git a/libtomcrypt/src/encauth/gcm/gcm_init.c b/libtomcrypt/src/encauth/gcm/gcm_init.c
index 249b61d..c0f7a5a 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_init.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_init.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -17,46 +17,6 @@
 
 #ifdef GCM_MODE
 
-#ifdef GCM_TABLES
-
-/* this is x*2^128 mod p(x) ... the results are 16 bytes each stored in a packed format.  Since only the 
- * lower 16 bits are not zero'ed I removed the upper 14 bytes */
-static const unsigned char gcm_shift_table[256*2] = {
-0x00, 0x00, 0x01, 0xc2, 0x03, 0x84, 0x02, 0x46, 0x07, 0x08, 0x06, 0xca, 0x04, 0x8c, 0x05, 0x4e,
-0x0e, 0x10, 0x0f, 0xd2, 0x0d, 0x94, 0x0c, 0x56, 0x09, 0x18, 0x08, 0xda, 0x0a, 0x9c, 0x0b, 0x5e,
-0x1c, 0x20, 0x1d, 0xe2, 0x1f, 0xa4, 0x1e, 0x66, 0x1b, 0x28, 0x1a, 0xea, 0x18, 0xac, 0x19, 0x6e,
-0x12, 0x30, 0x13, 0xf2, 0x11, 0xb4, 0x10, 0x76, 0x15, 0x38, 0x14, 0xfa, 0x16, 0xbc, 0x17, 0x7e,
-0x38, 0x40, 0x39, 0x82, 0x3b, 0xc4, 0x3a, 0x06, 0x3f, 0x48, 0x3e, 0x8a, 0x3c, 0xcc, 0x3d, 0x0e,
-0x36, 0x50, 0x37, 0x92, 0x35, 0xd4, 0x34, 0x16, 0x31, 0x58, 0x30, 0x9a, 0x32, 0xdc, 0x33, 0x1e,
-0x24, 0x60, 0x25, 0xa2, 0x27, 0xe4, 0x26, 0x26, 0x23, 0x68, 0x22, 0xaa, 0x20, 0xec, 0x21, 0x2e,
-0x2a, 0x70, 0x2b, 0xb2, 0x29, 0xf4, 0x28, 0x36, 0x2d, 0x78, 0x2c, 0xba, 0x2e, 0xfc, 0x2f, 0x3e,
-0x70, 0x80, 0x71, 0x42, 0x73, 0x04, 0x72, 0xc6, 0x77, 0x88, 0x76, 0x4a, 0x74, 0x0c, 0x75, 0xce,
-0x7e, 0x90, 0x7f, 0x52, 0x7d, 0x14, 0x7c, 0xd6, 0x79, 0x98, 0x78, 0x5a, 0x7a, 0x1c, 0x7b, 0xde,
-0x6c, 0xa0, 0x6d, 0x62, 0x6f, 0x24, 0x6e, 0xe6, 0x6b, 0xa8, 0x6a, 0x6a, 0x68, 0x2c, 0x69, 0xee,
-0x62, 0xb0, 0x63, 0x72, 0x61, 0x34, 0x60, 0xf6, 0x65, 0xb8, 0x64, 0x7a, 0x66, 0x3c, 0x67, 0xfe,
-0x48, 0xc0, 0x49, 0x02, 0x4b, 0x44, 0x4a, 0x86, 0x4f, 0xc8, 0x4e, 0x0a, 0x4c, 0x4c, 0x4d, 0x8e,
-0x46, 0xd0, 0x47, 0x12, 0x45, 0x54, 0x44, 0x96, 0x41, 0xd8, 0x40, 0x1a, 0x42, 0x5c, 0x43, 0x9e,
-0x54, 0xe0, 0x55, 0x22, 0x57, 0x64, 0x56, 0xa6, 0x53, 0xe8, 0x52, 0x2a, 0x50, 0x6c, 0x51, 0xae,
-0x5a, 0xf0, 0x5b, 0x32, 0x59, 0x74, 0x58, 0xb6, 0x5d, 0xf8, 0x5c, 0x3a, 0x5e, 0x7c, 0x5f, 0xbe,
-0xe1, 0x00, 0xe0, 0xc2, 0xe2, 0x84, 0xe3, 0x46, 0xe6, 0x08, 0xe7, 0xca, 0xe5, 0x8c, 0xe4, 0x4e,
-0xef, 0x10, 0xee, 0xd2, 0xec, 0x94, 0xed, 0x56, 0xe8, 0x18, 0xe9, 0xda, 0xeb, 0x9c, 0xea, 0x5e,
-0xfd, 0x20, 0xfc, 0xe2, 0xfe, 0xa4, 0xff, 0x66, 0xfa, 0x28, 0xfb, 0xea, 0xf9, 0xac, 0xf8, 0x6e,
-0xf3, 0x30, 0xf2, 0xf2, 0xf0, 0xb4, 0xf1, 0x76, 0xf4, 0x38, 0xf5, 0xfa, 0xf7, 0xbc, 0xf6, 0x7e,
-0xd9, 0x40, 0xd8, 0x82, 0xda, 0xc4, 0xdb, 0x06, 0xde, 0x48, 0xdf, 0x8a, 0xdd, 0xcc, 0xdc, 0x0e,
-0xd7, 0x50, 0xd6, 0x92, 0xd4, 0xd4, 0xd5, 0x16, 0xd0, 0x58, 0xd1, 0x9a, 0xd3, 0xdc, 0xd2, 0x1e,
-0xc5, 0x60, 0xc4, 0xa2, 0xc6, 0xe4, 0xc7, 0x26, 0xc2, 0x68, 0xc3, 0xaa, 0xc1, 0xec, 0xc0, 0x2e,
-0xcb, 0x70, 0xca, 0xb2, 0xc8, 0xf4, 0xc9, 0x36, 0xcc, 0x78, 0xcd, 0xba, 0xcf, 0xfc, 0xce, 0x3e,
-0x91, 0x80, 0x90, 0x42, 0x92, 0x04, 0x93, 0xc6, 0x96, 0x88, 0x97, 0x4a, 0x95, 0x0c, 0x94, 0xce,
-0x9f, 0x90, 0x9e, 0x52, 0x9c, 0x14, 0x9d, 0xd6, 0x98, 0x98, 0x99, 0x5a, 0x9b, 0x1c, 0x9a, 0xde,
-0x8d, 0xa0, 0x8c, 0x62, 0x8e, 0x24, 0x8f, 0xe6, 0x8a, 0xa8, 0x8b, 0x6a, 0x89, 0x2c, 0x88, 0xee,
-0x83, 0xb0, 0x82, 0x72, 0x80, 0x34, 0x81, 0xf6, 0x84, 0xb8, 0x85, 0x7a, 0x87, 0x3c, 0x86, 0xfe,
-0xa9, 0xc0, 0xa8, 0x02, 0xaa, 0x44, 0xab, 0x86, 0xae, 0xc8, 0xaf, 0x0a, 0xad, 0x4c, 0xac, 0x8e,
-0xa7, 0xd0, 0xa6, 0x12, 0xa4, 0x54, 0xa5, 0x96, 0xa0, 0xd8, 0xa1, 0x1a, 0xa3, 0x5c, 0xa2, 0x9e,
-0xb5, 0xe0, 0xb4, 0x22, 0xb6, 0x64, 0xb7, 0xa6, 0xb2, 0xe8, 0xb3, 0x2a, 0xb1, 0x6c, 0xb0, 0xae,
-0xbb, 0xf0, 0xba, 0x32, 0xb8, 0x74, 0xb9, 0xb6, 0xbc, 0xf8, 0xbd, 0x3a, 0xbf, 0x7c, 0xbe, 0xbe };
-
-#endif
-
 /**
   Initialize a GCM state
   @param gcm     The GCM state to initialize
@@ -98,7 +58,9 @@ int gcm_init(gcm_state *gcm, int cipher,
 
    /* H = E(0) */
    zeromem(B, 16);
-   cipher_descriptor[cipher].ecb_encrypt(B, gcm->H, &gcm->K);
+   if ((err = cipher_descriptor[cipher].ecb_encrypt(B, gcm->H, &gcm->K)) != CRYPT_OK) {
+      return err;
+   }
 
    /* setup state */
    zeromem(gcm->buf, sizeof(gcm->buf));
@@ -141,5 +103,5 @@ int gcm_init(gcm_state *gcm, int cipher,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_init.c,v $ */
-/* $Revision: 1.15 $ */
-/* $Date: 2005/05/21 15:05:19 $ */
+/* $Revision: 1.18 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_memory.c b/libtomcrypt/src/encauth/gcm/gcm_memory.c
index ee10d3f..ddec010 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_memory.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -43,6 +43,7 @@ int gcm_memory(      int           cipher,
                      unsigned char *tag,    unsigned long *taglen,
                                int direction)
 {
+    void      *orig;
     gcm_state *gcm;
     int        err;
 
@@ -51,7 +52,8 @@ int gcm_memory(      int           cipher,
     }
  
     if (cipher_descriptor[cipher].accel_gcm_memory != NULL) {
-       cipher_descriptor[cipher].accel_gcm_memory
+       return 
+         cipher_descriptor[cipher].accel_gcm_memory
                                           (key,   keylen,
                                            IV,    IVlen,
                                            adata, adatalen,
@@ -59,15 +61,29 @@ int gcm_memory(      int           cipher,
                                            ct,
                                            tag,   taglen,
                                            direction);
-       return CRYPT_OK;
     }
 
 
-    gcm = XMALLOC(sizeof(*gcm));
+
+#ifndef GCM_TABLES_SSE2
+    orig = gcm = XMALLOC(sizeof(*gcm));
+#else
+    orig = gcm = XMALLOC(sizeof(*gcm) + 16);
+#endif
     if (gcm == NULL) {
         return CRYPT_MEM;
     }
 
+   /* Force GCM to be on a multiple of 16 so we can use 128-bit aligned operations
+    * note that we only modify gcm and keep orig intact.  This code is not portable
+    * but again it's only for SSE2 anyways, so who cares?
+    */
+#ifdef GCM_TABLES_SSE2
+   if ((unsigned long)gcm & 15) {
+      gcm = (gcm_state *)((unsigned long)gcm + (16 - ((unsigned long)gcm & 15)));
+   }
+#endif
+
     if ((err = gcm_init(gcm, cipher, key, keylen)) != CRYPT_OK) {
        goto LTC_ERR;
     }
@@ -82,12 +98,12 @@ int gcm_memory(      int           cipher,
     }
     err = gcm_done(gcm, tag, taglen);
 LTC_ERR:
-    XFREE(gcm);
+    XFREE(orig);
     return err;
 }
 #endif
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_memory.c,v $ */
-/* $Revision: 1.19 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.23 $ */
+/* $Date: 2006/09/07 10:00:57 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_mult_h.c b/libtomcrypt/src/encauth/gcm/gcm_mult_h.c
new file mode 100644
index 0000000..8391e00
--- /dev/null
+++ b/libtomcrypt/src/encauth/gcm/gcm_mult_h.c
@@ -0,0 +1,58 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/**
+   @file gcm_mult_h.c
+   GCM implementation, do the GF mult, by Tom St Denis
+*/
+#include "tomcrypt.h"
+
+#if defined(GCM_MODE)
+/**
+  GCM multiply by H
+  @param gcm   The GCM state which holds the H value
+  @param I     The value to multiply H by
+ */
+void gcm_mult_h(gcm_state *gcm, unsigned char *I)
+{
+   unsigned char T[16];
+#ifdef GCM_TABLES
+   int x, y;
+#ifdef GCM_TABLES_SSE2
+   asm("movdqa (%0),%%xmm0"::"r"(&gcm->PC[0][I[0]][0]));
+   for (x = 1; x < 16; x++) {
+      asm("pxor (%0),%%xmm0"::"r"(&gcm->PC[x][I[x]][0]));
+   }
+   asm("movdqa %%xmm0,(%0)"::"r"(&T));
+#else
+   XMEMCPY(T, &gcm->PC[0][I[0]][0], 16);
+   for (x = 1; x < 16; x++) {
+#ifdef LTC_FAST
+       for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
+           *((LTC_FAST_TYPE *)(T + y)) ^= *((LTC_FAST_TYPE *)(&gcm->PC[x][I[x]][y]));
+       }
+#else
+       for (y = 0; y < 16; y++) {
+           T[y] ^= gcm->PC[x][I[x]][y];
+       }
+#endif /* LTC_FAST */
+   }
+#endif /* GCM_TABLES_SSE2 */
+#else     
+   gcm_gf_mult(gcm->H, I, T); 
+#endif
+   XMEMCPY(I, T, 16);
+}
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_mult_h.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/08/23 20:40:23 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_process.c b/libtomcrypt/src/encauth/gcm/gcm_process.c
index f512e28..f4d21d3 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_process.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_process.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -31,9 +31,9 @@ int gcm_process(gcm_state *gcm,
                      unsigned char *ct,
                      int direction)
 {
-   unsigned long x, y;
+   unsigned long x;
+   int           y, err;
    unsigned char b;
-   int           err;
 
    LTC_ARGCHK(gcm != NULL);
    if (ptlen > 0) {
@@ -59,10 +59,12 @@ int gcm_process(gcm_state *gcm,
 
       /* increment counter */
       for (y = 15; y >= 12; y--) {
-          if (++gcm->Y[y]) { break; }
+          if (++gcm->Y[y] & 255) { break; }
       }
       /* encrypt the counter */
-      cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K);     
+      if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) {
+         return err;
+      }
 
       gcm->buflen = 0;
       gcm->mode   = GCM_MODE_TEXT;
@@ -87,9 +89,11 @@ int gcm_process(gcm_state *gcm,
              gcm_mult_h(gcm, gcm->X);
              /* increment counter */
              for (y = 15; y >= 12; y--) {
-                 if (++gcm->Y[y]) { break; }
+                 if (++gcm->Y[y] & 255) { break; }
+             }
+             if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) {
+                return err;
              }
-             cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K);
          }
       } else {
          for (x = 0; x < (ptlen & ~15); x += 16) {
@@ -103,9 +107,11 @@ int gcm_process(gcm_state *gcm,
              gcm_mult_h(gcm, gcm->X);
              /* increment counter */
              for (y = 15; y >= 12; y--) {
-                 if (++gcm->Y[y]) { break; }
+                 if (++gcm->Y[y] & 255) { break; }
+             }
+             if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) {
+                return err;
              }
-             cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K);
          }
      }
    }
@@ -119,9 +125,11 @@ int gcm_process(gcm_state *gcm,
           
           /* increment counter */
           for (y = 15; y >= 12; y--) {
-              if (++gcm->Y[y]) { break; }
+              if (++gcm->Y[y] & 255) { break; }
+          }
+          if ((err = cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K)) != CRYPT_OK) {
+             return err;
           }
-          cipher_descriptor[gcm->cipher].ecb_encrypt(gcm->Y, gcm->buf, &gcm->K);
           gcm->buflen = 0;
        }
 
@@ -137,11 +145,8 @@ int gcm_process(gcm_state *gcm,
    return CRYPT_OK;
 }
 
-
-
 #endif
-   
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_process.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.14 $ */
+/* $Date: 2006/11/19 19:33:36 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_reset.c b/libtomcrypt/src/encauth/gcm/gcm_reset.c
index b336a92..a6a8522 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_reset.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_reset.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -40,5 +40,5 @@ int gcm_reset(gcm_state *gcm)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_reset.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/gcm/gcm_test.c b/libtomcrypt/src/encauth/gcm/gcm_test.c
index 7106188..2f8539b 100644
--- a/libtomcrypt/src/encauth/gcm/gcm_test.c
+++ b/libtomcrypt/src/encauth/gcm/gcm_test.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -29,13 +29,13 @@ int gcm_test(void)
    static const struct {
        unsigned char K[32];
        int           keylen;
-       unsigned char P[64];
+       unsigned char P[128];
        unsigned long ptlen;
-		 unsigned char A[64];
+       unsigned char A[128];
        unsigned long alen;
-       unsigned char IV[64];
+       unsigned char IV[128];
        unsigned long IVlen;
-       unsigned char C[64];
+       unsigned char C[128];
        unsigned char T[16];
    } tests[] = {
 
@@ -275,13 +275,58 @@ int gcm_test(void)
    /* TAG */
    { 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa, 
      0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50, }
+},
+
+/* test case #46 from BG (catches the LTC bug of v1.15) */
+{
+   /* key */
+   { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 
+     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+   16,
+
+   /* PT */
+   { 0xa2, 0xaa, 0xb3, 0xad, 0x8b, 0x17, 0xac, 0xdd, 
+     0xa2, 0x88, 0x42, 0x6c, 0xd7, 0xc4, 0x29, 0xb7, 
+     0xca, 0x86, 0xb7, 0xac, 0xa0, 0x58, 0x09, 0xc7, 
+     0x0c, 0xe8, 0x2d, 0xb2, 0x57, 0x11, 0xcb, 0x53,
+     0x02, 0xeb, 0x27, 0x43, 0xb0, 0x36, 0xf3, 0xd7, 
+     0x50, 0xd6, 0xcf, 0x0d, 0xc0, 0xac, 0xb9, 0x29, 
+     0x50, 0xd5, 0x46, 0xdb, 0x30, 0x8f, 0x93, 0xb4, 
+     0xff, 0x24, 0x4a, 0xfa, 0x9d, 0xc7, 0x2b, 0xcd,
+     0x75, 0x8d, 0x2c },
+   67,
+
+   /* ADATA */
+   { 0x68, 0x8e, 0x1a, 0xa9, 0x84, 0xde, 0x92, 0x6d, 
+     0xc7, 0xb4, 0xc4, 0x7f, 0x44 },
+   13,   
+
+   /* IV */
+   { 0xb7, 0x21, 0x38, 0xb5, 0xa0, 0x5f, 0xf5, 0x07, 
+     0x0e, 0x8c, 0xd9, 0x41, 0x83, 0xf7, 0x61, 0xd8 },
+   16,
+
+   /* CT */
+   { 0xcb, 0xc8, 0xd2, 0xf1, 0x54, 0x81, 0xa4, 0xcc, 
+     0x7d, 0xd1, 0xe1, 0x9a, 0xaa, 0x83, 0xde, 0x56, 
+     0x78, 0x48, 0x3e, 0xc3, 0x59, 0xae, 0x7d, 0xec, 
+     0x2a, 0xb8, 0xd5, 0x34, 0xe0, 0x90, 0x6f, 0x4b,
+     0x46, 0x63, 0xfa, 0xff, 0x58, 0xa8, 0xb2, 0xd7, 
+     0x33, 0xb8, 0x45, 0xee, 0xf7, 0xc9, 0xb3, 0x31, 
+     0xe9, 0xe1, 0x0e, 0xb2, 0x61, 0x2c, 0x99, 0x5f, 
+     0xeb, 0x1a, 0xc1, 0x5a, 0x62, 0x86, 0xcc, 0xe8,
+     0xb2, 0x97, 0xa8 },
+
+   /* TAG */
+   { 0x8d, 0x2d, 0x2a, 0x93, 0x72, 0x62, 0x6f, 0x6b, 
+     0xee, 0x85, 0x80, 0x27, 0x6a, 0x63, 0x66, 0xbf }
 }
 
 /* rest of test cases are the same except AES key size changes... ignored... */
 };
    int           idx, err;
    unsigned long x, y;
-   unsigned char out[2][64], T[2][16];
+   unsigned char out[2][128], T[2][16];
 
    /* find aes */
    idx = find_cipher("aes");
@@ -302,7 +347,7 @@ int gcm_test(void)
           return err;
        }
 
-       if (memcmp(out[0], tests[x].C, tests[x].ptlen)) {
+       if (XMEMCMP(out[0], tests[x].C, tests[x].ptlen)) {
 #if 0
           printf("\nCiphertext wrong %lu\n", x);
           for (y = 0; y < tests[x].ptlen; y++) {
@@ -313,7 +358,7 @@ int gcm_test(void)
           return CRYPT_FAIL_TESTVECTOR;
        }
 
-       if (memcmp(T[0], tests[x].T, 16)) {
+       if (XMEMCMP(T[0], tests[x].T, 16)) {
 #if 0
           printf("\nTag on plaintext wrong %lu\n", x);
           for (y = 0; y < 16; y++) {
@@ -333,7 +378,7 @@ int gcm_test(void)
           return err;
        }
 
-       if (memcmp(out[1], tests[x].P, tests[x].ptlen)) {
+       if (XMEMCMP(out[1], tests[x].P, tests[x].ptlen)) {
 #if 0
           printf("\nplaintext wrong %lu\n", x);
           for (y = 0; y < tests[x].ptlen; y++) {
@@ -344,7 +389,7 @@ int gcm_test(void)
           return CRYPT_FAIL_TESTVECTOR;
        }
 
-       if (memcmp(T[1], tests[x].T, 16)) {
+       if (XMEMCMP(T[1], tests[x].T, 16)) {
 #if 0
           printf("\nTag on ciphertext wrong %lu\n", x);
           for (y = 0; y < 16; y++) {
@@ -364,5 +409,5 @@ int gcm_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/gcm/gcm_test.c,v $ */
-/* $Revision: 1.15 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.20 $ */
+/* $Date: 2006/12/03 17:25:44 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_decrypt.c b/libtomcrypt/src/encauth/ocb/ocb_decrypt.c
index a0f2754..58f3825 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_decrypt.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_decrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -51,7 +51,9 @@ int ocb_decrypt(ocb_state *ocb, const unsigned char *ct, unsigned char *pt)
    for (x = 0; x < ocb->block_len; x++) {
        tmp[x] = ct[x] ^ Z[x];
    }
-   cipher_descriptor[ocb->cipher].ecb_decrypt(tmp, pt, &ocb->key);
+   if ((err = cipher_descriptor[ocb->cipher].ecb_decrypt(tmp, pt, &ocb->key)) != CRYPT_OK) {
+      return err;
+   }
    for (x = 0; x < ocb->block_len; x++) {
        pt[x] ^= Z[x];
    }
@@ -73,5 +75,5 @@ int ocb_decrypt(ocb_state *ocb, const unsigned char *ct, unsigned char *pt)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_decrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_decrypt_verify_memory.c b/libtomcrypt/src/encauth/ocb/ocb_decrypt_verify_memory.c
index 0173eff..b7b8840 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_decrypt_verify_memory.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_decrypt_verify_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -82,5 +82,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_decrypt_verify_memory.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_done_decrypt.c b/libtomcrypt/src/encauth/ocb/ocb_done_decrypt.c
index fb149bd..2a3ae39 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_done_decrypt.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_done_decrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -57,7 +57,7 @@ int ocb_done_decrypt(ocb_state *ocb,
       goto LBL_ERR;
    }
 
-   if (taglen <= tagbuflen && memcmp(tagbuf, tag, taglen) == 0) {
+   if (taglen <= tagbuflen && XMEMCMP(tagbuf, tag, taglen) == 0) {
       *stat = 1;
    }
 
@@ -76,5 +76,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_done_decrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_done_encrypt.c b/libtomcrypt/src/encauth/ocb/ocb_done_encrypt.c
index 27126e7..5948d82 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_done_encrypt.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_done_encrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -42,5 +42,5 @@ int ocb_done_encrypt(ocb_state *ocb, const unsigned char *pt, unsigned long ptle
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_done_encrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_encrypt.c b/libtomcrypt/src/encauth/ocb/ocb_encrypt.c
index 2a48551..3c4991c 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_encrypt.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_encrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -51,7 +51,9 @@ int ocb_encrypt(ocb_state *ocb, const unsigned char *pt, unsigned char *ct)
    for (x = 0; x < ocb->block_len; x++) {
        tmp[x] = pt[x] ^ Z[x];
    }
-   cipher_descriptor[ocb->cipher].ecb_encrypt(tmp, ct, &ocb->key);
+   if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(tmp, ct, &ocb->key)) != CRYPT_OK) {
+      return err;
+   }
    for (x = 0; x < ocb->block_len; x++) {
        ct[x] ^= Z[x];
    }
@@ -66,5 +68,5 @@ int ocb_encrypt(ocb_state *ocb, const unsigned char *pt, unsigned char *ct)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_encrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_encrypt_authenticate_memory.c b/libtomcrypt/src/encauth/ocb/ocb_encrypt_authenticate_memory.c
index beb72c8..e58975e 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_encrypt_authenticate_memory.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_encrypt_authenticate_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -80,5 +80,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_encrypt_authenticate_memory.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_init.c b/libtomcrypt/src/encauth/ocb/ocb_init.c
index 9266d5c..536af87 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_init.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_init.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -76,13 +76,17 @@ int ocb_init(ocb_state *ocb, int cipher,
  
    /* find L = E[0] */
    zeromem(ocb->L, ocb->block_len);
-   cipher_descriptor[cipher].ecb_encrypt(ocb->L, ocb->L, &ocb->key);
+   if ((err = cipher_descriptor[cipher].ecb_encrypt(ocb->L, ocb->L, &ocb->key)) != CRYPT_OK) {
+      return err;
+   }
 
    /* find R = E[N xor L] */
    for (x = 0; x < ocb->block_len; x++) {
        ocb->R[x] = ocb->L[x] ^ nonce[x];
    }
-   cipher_descriptor[cipher].ecb_encrypt(ocb->R, ocb->R, &ocb->key);
+   if ((err = cipher_descriptor[cipher].ecb_encrypt(ocb->R, ocb->R, &ocb->key)) != CRYPT_OK) {
+      return err;
+   }
 
    /* find Ls[i] = L << i for i == 0..31 */
    XMEMCPY(ocb->Ls[0], ocb->L, ocb->block_len);
@@ -129,5 +133,5 @@ int ocb_init(ocb_state *ocb, int cipher,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_init.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_ntz.c b/libtomcrypt/src/encauth/ocb/ocb_ntz.c
index 9b83c53..8100ec0 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_ntz.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_ntz.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /**
@@ -38,5 +38,5 @@ int ocb_ntz(unsigned long x)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_ntz.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_shift_xor.c b/libtomcrypt/src/encauth/ocb/ocb_shift_xor.c
index b03de4b..dea43ee 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_shift_xor.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_shift_xor.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -35,5 +35,5 @@ void ocb_shift_xor(ocb_state *ocb, unsigned char *Z)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_shift_xor.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/encauth/ocb/ocb_test.c b/libtomcrypt/src/encauth/ocb/ocb_test.c
index 7a7fc77..4d7ed78 100644
--- a/libtomcrypt/src/encauth/ocb/ocb_test.c
+++ b/libtomcrypt/src/encauth/ocb/ocb_test.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -182,7 +182,7 @@ int ocb_test(void)
            return err;
         }
         
-        if (memcmp(outtag, tests[x].tag, len) || memcmp(outct, tests[x].ct, tests[x].ptlen)) {
+        if (XMEMCMP(outtag, tests[x].tag, len) || XMEMCMP(outct, tests[x].ct, tests[x].ptlen)) {
 #if 0
            unsigned long y;
            printf("\n\nFailure: \nCT:\n");
@@ -205,7 +205,7 @@ int ocb_test(void)
              outct, tests[x].tag, len, &res)) != CRYPT_OK) {
            return err;
         }
-        if ((res != 1) || memcmp(tests[x].pt, outct, tests[x].ptlen)) {
+        if ((res != 1) || XMEMCMP(tests[x].pt, outct, tests[x].ptlen)) {
 #if 0
            unsigned long y;
            printf("\n\nFailure-decrypt: \nPT:\n");
@@ -233,5 +233,5 @@ int ocb_test(void)
 */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/ocb_test.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/encauth/ocb/s_ocb_done.c b/libtomcrypt/src/encauth/ocb/s_ocb_done.c
index 7399b54..7688a42 100644
--- a/libtomcrypt/src/encauth/ocb/s_ocb_done.c
+++ b/libtomcrypt/src/encauth/ocb/s_ocb_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -84,7 +84,9 @@ int s_ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
    }
 
    /* Y[m] = E(X[m])) */
-   cipher_descriptor[ocb->cipher].ecb_encrypt(X, Y, &ocb->key);
+   if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(X, Y, &ocb->key)) != CRYPT_OK) {
+      goto error;
+   }
 
    if (mode == 1) {
       /* decrypt mode, so let's xor it first */
@@ -113,7 +115,9 @@ int s_ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
    }
    
    /* encrypt checksum, er... tag!! */
-   cipher_descriptor[ocb->cipher].ecb_encrypt(ocb->checksum, X, &ocb->key);
+   if ((err = cipher_descriptor[ocb->cipher].ecb_encrypt(ocb->checksum, X, &ocb->key)) != CRYPT_OK) {
+      goto error;
+   }
    cipher_descriptor[ocb->cipher].done(&ocb->key);
 
    /* now store it */
@@ -128,17 +132,17 @@ int s_ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
    zeromem(Z, MAXBLOCKSIZE);
    zeromem(ocb, sizeof(*ocb));
 #endif
-   
+error:   
    XFREE(X);
    XFREE(Y);
    XFREE(Z);
 
-   return CRYPT_OK;
+   return err;
 }
 
 #endif
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/encauth/ocb/s_ocb_done.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/hashes/chc/chc.c b/libtomcrypt/src/hashes/chc/chc.c
index 4ff39f0..3f86270 100644
--- a/libtomcrypt/src/hashes/chc/chc.c
+++ b/libtomcrypt/src/hashes/chc/chc.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 #include "tomcrypt.h"
@@ -30,7 +30,8 @@ const struct ltc_hash_descriptor chc_desc = {
    &chc_init,
    &chc_process,
    &chc_done,
-   &chc_test
+   &chc_test,
+   NULL
 };
 
 /**
@@ -141,7 +142,7 @@ static int chc_compress(hash_state *md, unsigned char *buf)
       XFREE(key);
       return err;
    }
-   memcpy(T[1], buf, cipher_blocksize);
+   XMEMCPY(T[1], buf, cipher_blocksize);
    cipher_descriptor[cipher_idx].ecb_encrypt(buf, T[0], key);
    for (x = 0; x < cipher_blocksize; x++) {
        md->chc.state[x] ^= T[0][x] ^ T[1][x];
@@ -279,7 +280,7 @@ int chc_test(void)
        chc_init(&md);
        chc_process(&md, tests[x].msg, strlen((char *)tests[x].msg));
        chc_done(&md, out);
-       if (memcmp(out, tests[x].md, tests[x].len)) {
+       if (XMEMCMP(out, tests[x].md, tests[x].len)) {
           return CRYPT_FAIL_TESTVECTOR;
        }
    }
@@ -293,5 +294,5 @@ int chc_test(void)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/chc/chc.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/helper/hash_file.c b/libtomcrypt/src/hashes/helper/hash_file.c
index 50f726a..a92025c 100644
--- a/libtomcrypt/src/hashes/helper/hash_file.c
+++ b/libtomcrypt/src/hashes/helper/hash_file.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -53,5 +53,5 @@ int hash_file(int hash, const char *fname, unsigned char *out, unsigned long *ou
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/helper/hash_file.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/hashes/helper/hash_filehandle.c b/libtomcrypt/src/hashes/helper/hash_filehandle.c
index 201ef83..be2cbf9 100644
--- a/libtomcrypt/src/hashes/helper/hash_filehandle.c
+++ b/libtomcrypt/src/hashes/helper/hash_filehandle.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -42,6 +42,7 @@ int hash_filehandle(int hash, FILE *in, unsigned char *out, unsigned long *outle
     }
 
     if (*outlen < hash_descriptor[hash].hashsize) {
+       *outlen = hash_descriptor[hash].hashsize;
        return CRYPT_BUFFER_OVERFLOW;
     }
     if ((err = hash_descriptor[hash].init(&md)) != CRYPT_OK) {
@@ -66,5 +67,5 @@ int hash_filehandle(int hash, FILE *in, unsigned char *out, unsigned long *outle
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/helper/hash_filehandle.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/hashes/helper/hash_memory.c b/libtomcrypt/src/hashes/helper/hash_memory.c
index 7e849b4..def9fa7 100644
--- a/libtomcrypt/src/hashes/helper/hash_memory.c
+++ b/libtomcrypt/src/hashes/helper/hash_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -38,6 +38,7 @@ int hash_memory(int hash, const unsigned char *in, unsigned long inlen, unsigned
     }
 
     if (*outlen < hash_descriptor[hash].hashsize) {
+       *outlen = hash_descriptor[hash].hashsize;
        return CRYPT_BUFFER_OVERFLOW;
     }
 
@@ -64,5 +65,5 @@ LBL_ERR:
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/helper/hash_memory.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/hashes/helper/hash_memory_multi.c b/libtomcrypt/src/hashes/helper/hash_memory_multi.c
index 8fcb8e9..91f2d0c 100644
--- a/libtomcrypt/src/hashes/helper/hash_memory_multi.c
+++ b/libtomcrypt/src/hashes/helper/hash_memory_multi.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <stdarg.h>
@@ -43,6 +43,7 @@ int hash_memory_multi(int hash, unsigned char *out, unsigned long *outlen,
     }
 
     if (*outlen < hash_descriptor[hash].hashsize) {
+       *outlen = hash_descriptor[hash].hashsize;
        return CRYPT_BUFFER_OVERFLOW;
     }
 
@@ -82,5 +83,5 @@ LBL_ERR:
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/helper/hash_memory_multi.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/hashes/md2.c b/libtomcrypt/src/hashes/md2.c
index db60fbd..b917213 100644
--- a/libtomcrypt/src/hashes/md2.c
+++ b/libtomcrypt/src/hashes/md2.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -31,7 +31,8 @@ const struct ltc_hash_descriptor md2_desc =
     &md2_init,
     &md2_process,
     &md2_done,
-    &md2_test
+    &md2_test,
+    NULL
 };
 
 static const unsigned char PI_SUBST[256] = {
@@ -234,7 +235,7 @@ int md2_test(void)
        md2_init(&md);
        md2_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
        md2_done(&md, buf);
-       if (memcmp(buf, tests[i].md, 16) != 0) {
+       if (XMEMCMP(buf, tests[i].md, 16) != 0) {
           return CRYPT_FAIL_TESTVECTOR;
        }
    }
@@ -246,5 +247,5 @@ int md2_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/md2.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/md4.c b/libtomcrypt/src/hashes/md4.c
index 17ef35e..42645ef 100644
--- a/libtomcrypt/src/hashes/md4.c
+++ b/libtomcrypt/src/hashes/md4.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -31,7 +31,8 @@ const struct ltc_hash_descriptor md4_desc =
     &md4_init,
     &md4_process,
     &md4_done,
-    &md4_test
+    &md4_test,
+    NULL
 };
 
 #define S11 3
@@ -288,7 +289,7 @@ int md4_test(void)
         md4_init(&md);
         md4_process(&md, (unsigned char *)cases[i].input, (unsigned long)strlen(cases[i].input));
         md4_done(&md, digest);
-        if (memcmp(digest, cases[i].digest, 16) != 0) {
+        if (XMEMCMP(digest, cases[i].digest, 16) != 0) {
            return CRYPT_FAIL_TESTVECTOR;
         }
 
@@ -302,5 +303,5 @@ int md4_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/md4.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/md5.c b/libtomcrypt/src/hashes/md5.c
index fb8ff31..f6274f9 100644
--- a/libtomcrypt/src/hashes/md5.c
+++ b/libtomcrypt/src/hashes/md5.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -32,7 +32,8 @@ const struct ltc_hash_descriptor md5_desc =
     &md5_init,
     &md5_process,
     &md5_done,
-    &md5_test
+    &md5_test,
+    NULL
 };
 
 #define F(x,y,z)  (z ^ (x & (y ^ z)))
@@ -350,7 +351,7 @@ int  md5_test(void)
       md5_init(&md);
       md5_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
       md5_done(&md, tmp);
-      if (memcmp(tmp, tests[i].hash, 16) != 0) {
+      if (XMEMCMP(tmp, tests[i].hash, 16) != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
   }
@@ -363,5 +364,5 @@ int  md5_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/md5.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/rmd128.c b/libtomcrypt/src/hashes/rmd128.c
index 1c663e4..d294626 100644
--- a/libtomcrypt/src/hashes/rmd128.c
+++ b/libtomcrypt/src/hashes/rmd128.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -37,7 +37,8 @@ const struct ltc_hash_descriptor rmd128_desc =
     &rmd128_init,
     &rmd128_process,
     &rmd128_done,
-    &rmd128_test
+    &rmd128_test,
+    NULL
 };
 
 /* the four basic functions F(), G() and H() */
@@ -390,7 +391,7 @@ int rmd128_test(void)
        rmd128_init(&md);
        rmd128_process(&md, (unsigned char *)tests[x].msg, strlen(tests[x].msg));
        rmd128_done(&md, buf);
-       if (memcmp(buf, tests[x].md, 16) != 0) {
+       if (XMEMCMP(buf, tests[x].md, 16) != 0) {
        #if 0
           printf("Failed test %d\n", x);
        #endif
@@ -405,5 +406,5 @@ int rmd128_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/rmd128.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/rmd160.c b/libtomcrypt/src/hashes/rmd160.c
index 6124f59..a1c090a 100644
--- a/libtomcrypt/src/hashes/rmd160.c
+++ b/libtomcrypt/src/hashes/rmd160.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -37,7 +37,8 @@ const struct ltc_hash_descriptor rmd160_desc =
     &rmd160_init,
     &rmd160_process,
     &rmd160_done,
-    &rmd160_test
+    &rmd160_test,
+    NULL
 };
 
 /* the five basic functions F(), G() and H() */
@@ -449,7 +450,7 @@ int rmd160_test(void)
        rmd160_init(&md);
        rmd160_process(&md, (unsigned char *)tests[x].msg, strlen(tests[x].msg));
        rmd160_done(&md, buf);
-       if (memcmp(buf, tests[x].md, 20) != 0) {
+       if (XMEMCMP(buf, tests[x].md, 20) != 0) {
 #if 0
           printf("Failed test %d\n", x);
 #endif
@@ -464,5 +465,5 @@ int rmd160_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/rmd160.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/rmd256.c b/libtomcrypt/src/hashes/rmd256.c
new file mode 100644
index 0000000..4540ef9
--- /dev/null
+++ b/libtomcrypt/src/hashes/rmd256.c
@@ -0,0 +1,431 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @param rmd256.c
+   RMD256 Hash function
+*/
+
+#ifdef RIPEMD256
+
+const struct ltc_hash_descriptor rmd256_desc =
+{
+    "rmd256",
+    8,
+    16,
+    64,
+
+    /* OID */
+   { 1, 3, 36, 3, 2, 3 },
+   6,
+
+    &rmd256_init,
+    &rmd256_process,
+    &rmd256_done,
+    &rmd256_test,
+    NULL
+};
+
+/* the four basic functions F(), G() and H() */
+#define F(x, y, z)        ((x) ^ (y) ^ (z))
+#define G(x, y, z)        (((x) & (y)) | (~(x) & (z)))
+#define H(x, y, z)        (((x) | ~(y)) ^ (z))
+#define I(x, y, z)        (((x) & (z)) | ((y) & ~(z)))
+
+/* the eight basic operations FF() through III() */
+#define FF(a, b, c, d, x, s)        \
+      (a) += F((b), (c), (d)) + (x);\
+      (a) = ROLc((a), (s));
+
+#define GG(a, b, c, d, x, s)        \
+      (a) += G((b), (c), (d)) + (x) + 0x5a827999UL;\
+      (a) = ROLc((a), (s));
+
+#define HH(a, b, c, d, x, s)        \
+      (a) += H((b), (c), (d)) + (x) + 0x6ed9eba1UL;\
+      (a) = ROLc((a), (s));
+
+#define II(a, b, c, d, x, s)        \
+      (a) += I((b), (c), (d)) + (x) + 0x8f1bbcdcUL;\
+      (a) = ROLc((a), (s));
+
+#define FFF(a, b, c, d, x, s)        \
+      (a) += F((b), (c), (d)) + (x);\
+      (a) = ROLc((a), (s));
+
+#define GGG(a, b, c, d, x, s)        \
+      (a) += G((b), (c), (d)) + (x) + 0x6d703ef3UL;\
+      (a) = ROLc((a), (s));
+
+#define HHH(a, b, c, d, x, s)        \
+      (a) += H((b), (c), (d)) + (x) + 0x5c4dd124UL;\
+      (a) = ROLc((a), (s));
+
+#define III(a, b, c, d, x, s)        \
+      (a) += I((b), (c), (d)) + (x) + 0x50a28be6UL;\
+      (a) = ROLc((a), (s));
+
+#ifdef LTC_CLEAN_STACK
+static int _rmd256_compress(hash_state *md, unsigned char *buf)
+#else
+static int  rmd256_compress(hash_state *md, unsigned char *buf)
+#endif
+{
+   ulong32 aa,bb,cc,dd,aaa,bbb,ccc,ddd,tmp,X[16];
+   int i;
+
+   /* load words X */
+   for (i = 0; i < 16; i++){
+      LOAD32L(X[i], buf + (4 * i));
+   }
+
+   /* load state */
+   aa = md->rmd256.state[0];
+   bb = md->rmd256.state[1];
+   cc = md->rmd256.state[2];
+   dd = md->rmd256.state[3];
+   aaa = md->rmd256.state[4];
+   bbb = md->rmd256.state[5];
+   ccc = md->rmd256.state[6];
+   ddd = md->rmd256.state[7];
+
+   /* round 1 */
+   FF(aa, bb, cc, dd, X[ 0], 11);
+   FF(dd, aa, bb, cc, X[ 1], 14);
+   FF(cc, dd, aa, bb, X[ 2], 15);
+   FF(bb, cc, dd, aa, X[ 3], 12);
+   FF(aa, bb, cc, dd, X[ 4],  5);
+   FF(dd, aa, bb, cc, X[ 5],  8);
+   FF(cc, dd, aa, bb, X[ 6],  7);
+   FF(bb, cc, dd, aa, X[ 7],  9);
+   FF(aa, bb, cc, dd, X[ 8], 11);
+   FF(dd, aa, bb, cc, X[ 9], 13);
+   FF(cc, dd, aa, bb, X[10], 14);
+   FF(bb, cc, dd, aa, X[11], 15);
+   FF(aa, bb, cc, dd, X[12],  6);
+   FF(dd, aa, bb, cc, X[13],  7);
+   FF(cc, dd, aa, bb, X[14],  9);
+   FF(bb, cc, dd, aa, X[15],  8);
+
+   /* parallel round 1 */
+   III(aaa, bbb, ccc, ddd, X[ 5],  8);
+   III(ddd, aaa, bbb, ccc, X[14],  9);
+   III(ccc, ddd, aaa, bbb, X[ 7],  9);
+   III(bbb, ccc, ddd, aaa, X[ 0], 11);
+   III(aaa, bbb, ccc, ddd, X[ 9], 13);
+   III(ddd, aaa, bbb, ccc, X[ 2], 15);
+   III(ccc, ddd, aaa, bbb, X[11], 15);
+   III(bbb, ccc, ddd, aaa, X[ 4],  5);
+   III(aaa, bbb, ccc, ddd, X[13],  7);
+   III(ddd, aaa, bbb, ccc, X[ 6],  7);
+   III(ccc, ddd, aaa, bbb, X[15],  8);
+   III(bbb, ccc, ddd, aaa, X[ 8], 11);
+   III(aaa, bbb, ccc, ddd, X[ 1], 14);
+   III(ddd, aaa, bbb, ccc, X[10], 14);
+   III(ccc, ddd, aaa, bbb, X[ 3], 12);
+   III(bbb, ccc, ddd, aaa, X[12],  6);
+
+   tmp = aa; aa = aaa; aaa = tmp;
+
+   /* round 2 */
+   GG(aa, bb, cc, dd, X[ 7],  7);
+   GG(dd, aa, bb, cc, X[ 4],  6);
+   GG(cc, dd, aa, bb, X[13],  8);
+   GG(bb, cc, dd, aa, X[ 1], 13);
+   GG(aa, bb, cc, dd, X[10], 11);
+   GG(dd, aa, bb, cc, X[ 6],  9);
+   GG(cc, dd, aa, bb, X[15],  7);
+   GG(bb, cc, dd, aa, X[ 3], 15);
+   GG(aa, bb, cc, dd, X[12],  7);
+   GG(dd, aa, bb, cc, X[ 0], 12);
+   GG(cc, dd, aa, bb, X[ 9], 15);
+   GG(bb, cc, dd, aa, X[ 5],  9);
+   GG(aa, bb, cc, dd, X[ 2], 11);
+   GG(dd, aa, bb, cc, X[14],  7);
+   GG(cc, dd, aa, bb, X[11], 13);
+   GG(bb, cc, dd, aa, X[ 8], 12);
+
+   /* parallel round 2 */
+   HHH(aaa, bbb, ccc, ddd, X[ 6],  9);
+   HHH(ddd, aaa, bbb, ccc, X[11], 13);
+   HHH(ccc, ddd, aaa, bbb, X[ 3], 15);
+   HHH(bbb, ccc, ddd, aaa, X[ 7],  7);
+   HHH(aaa, bbb, ccc, ddd, X[ 0], 12);
+   HHH(ddd, aaa, bbb, ccc, X[13],  8);
+   HHH(ccc, ddd, aaa, bbb, X[ 5],  9);
+   HHH(bbb, ccc, ddd, aaa, X[10], 11);
+   HHH(aaa, bbb, ccc, ddd, X[14],  7);
+   HHH(ddd, aaa, bbb, ccc, X[15],  7);
+   HHH(ccc, ddd, aaa, bbb, X[ 8], 12);
+   HHH(bbb, ccc, ddd, aaa, X[12],  7);
+   HHH(aaa, bbb, ccc, ddd, X[ 4],  6);
+   HHH(ddd, aaa, bbb, ccc, X[ 9], 15);
+   HHH(ccc, ddd, aaa, bbb, X[ 1], 13);
+   HHH(bbb, ccc, ddd, aaa, X[ 2], 11);
+
+   tmp = bb; bb = bbb; bbb = tmp;
+
+   /* round 3 */
+   HH(aa, bb, cc, dd, X[ 3], 11);
+   HH(dd, aa, bb, cc, X[10], 13);
+   HH(cc, dd, aa, bb, X[14],  6);
+   HH(bb, cc, dd, aa, X[ 4],  7);
+   HH(aa, bb, cc, dd, X[ 9], 14);
+   HH(dd, aa, bb, cc, X[15],  9);
+   HH(cc, dd, aa, bb, X[ 8], 13);
+   HH(bb, cc, dd, aa, X[ 1], 15);
+   HH(aa, bb, cc, dd, X[ 2], 14);
+   HH(dd, aa, bb, cc, X[ 7],  8);
+   HH(cc, dd, aa, bb, X[ 0], 13);
+   HH(bb, cc, dd, aa, X[ 6],  6);
+   HH(aa, bb, cc, dd, X[13],  5);
+   HH(dd, aa, bb, cc, X[11], 12);
+   HH(cc, dd, aa, bb, X[ 5],  7);
+   HH(bb, cc, dd, aa, X[12],  5);
+
+   /* parallel round 3 */
+   GGG(aaa, bbb, ccc, ddd, X[15],  9);
+   GGG(ddd, aaa, bbb, ccc, X[ 5],  7);
+   GGG(ccc, ddd, aaa, bbb, X[ 1], 15);
+   GGG(bbb, ccc, ddd, aaa, X[ 3], 11);
+   GGG(aaa, bbb, ccc, ddd, X[ 7],  8);
+   GGG(ddd, aaa, bbb, ccc, X[14],  6);
+   GGG(ccc, ddd, aaa, bbb, X[ 6],  6);
+   GGG(bbb, ccc, ddd, aaa, X[ 9], 14);
+   GGG(aaa, bbb, ccc, ddd, X[11], 12);
+   GGG(ddd, aaa, bbb, ccc, X[ 8], 13);
+   GGG(ccc, ddd, aaa, bbb, X[12],  5);
+   GGG(bbb, ccc, ddd, aaa, X[ 2], 14);
+   GGG(aaa, bbb, ccc, ddd, X[10], 13);
+   GGG(ddd, aaa, bbb, ccc, X[ 0], 13);
+   GGG(ccc, ddd, aaa, bbb, X[ 4],  7);
+   GGG(bbb, ccc, ddd, aaa, X[13],  5);
+
+   tmp = cc; cc = ccc; ccc = tmp;
+
+   /* round 4 */
+   II(aa, bb, cc, dd, X[ 1], 11);
+   II(dd, aa, bb, cc, X[ 9], 12);
+   II(cc, dd, aa, bb, X[11], 14);
+   II(bb, cc, dd, aa, X[10], 15);
+   II(aa, bb, cc, dd, X[ 0], 14);
+   II(dd, aa, bb, cc, X[ 8], 15);
+   II(cc, dd, aa, bb, X[12],  9);
+   II(bb, cc, dd, aa, X[ 4],  8);
+   II(aa, bb, cc, dd, X[13],  9);
+   II(dd, aa, bb, cc, X[ 3], 14);
+   II(cc, dd, aa, bb, X[ 7],  5);
+   II(bb, cc, dd, aa, X[15],  6);
+   II(aa, bb, cc, dd, X[14],  8);
+   II(dd, aa, bb, cc, X[ 5],  6);
+   II(cc, dd, aa, bb, X[ 6],  5);
+   II(bb, cc, dd, aa, X[ 2], 12);
+
+   /* parallel round 4 */
+   FFF(aaa, bbb, ccc, ddd, X[ 8], 15);
+   FFF(ddd, aaa, bbb, ccc, X[ 6],  5);
+   FFF(ccc, ddd, aaa, bbb, X[ 4],  8);
+   FFF(bbb, ccc, ddd, aaa, X[ 1], 11);
+   FFF(aaa, bbb, ccc, ddd, X[ 3], 14);
+   FFF(ddd, aaa, bbb, ccc, X[11], 14);
+   FFF(ccc, ddd, aaa, bbb, X[15],  6);
+   FFF(bbb, ccc, ddd, aaa, X[ 0], 14);
+   FFF(aaa, bbb, ccc, ddd, X[ 5],  6);
+   FFF(ddd, aaa, bbb, ccc, X[12],  9);
+   FFF(ccc, ddd, aaa, bbb, X[ 2], 12);
+   FFF(bbb, ccc, ddd, aaa, X[13],  9);
+   FFF(aaa, bbb, ccc, ddd, X[ 9], 12);
+   FFF(ddd, aaa, bbb, ccc, X[ 7],  5);
+   FFF(ccc, ddd, aaa, bbb, X[10], 15);
+   FFF(bbb, ccc, ddd, aaa, X[14],  8);
+
+   tmp = dd; dd = ddd; ddd = tmp;
+
+   /* combine results */
+   md->rmd256.state[0] += aa;
+   md->rmd256.state[1] += bb;
+   md->rmd256.state[2] += cc;
+   md->rmd256.state[3] += dd;
+   md->rmd256.state[4] += aaa;
+   md->rmd256.state[5] += bbb;
+   md->rmd256.state[6] += ccc;
+   md->rmd256.state[7] += ddd;
+
+   return CRYPT_OK;
+}
+
+#ifdef LTC_CLEAN_STACK
+static int rmd256_compress(hash_state *md, unsigned char *buf)
+{
+   int err;
+   err = _rmd256_compress(md, buf);
+   burn_stack(sizeof(ulong32) * 25 + sizeof(int));
+   return err;
+}
+#endif
+
+/**
+   Initialize the hash state
+   @param md   The hash state you wish to initialize
+   @return CRYPT_OK if successful
+*/
+int rmd256_init(hash_state * md)
+{
+   LTC_ARGCHK(md != NULL);
+   md->rmd256.state[0] = 0x67452301UL;
+   md->rmd256.state[1] = 0xefcdab89UL;
+   md->rmd256.state[2] = 0x98badcfeUL;
+   md->rmd256.state[3] = 0x10325476UL;
+   md->rmd256.state[4] = 0x76543210UL;
+   md->rmd256.state[5] = 0xfedcba98UL;
+   md->rmd256.state[6] = 0x89abcdefUL;
+   md->rmd256.state[7] = 0x01234567UL;
+   md->rmd256.curlen   = 0;
+   md->rmd256.length   = 0;
+   return CRYPT_OK;
+}
+
+/**
+   Process a block of memory though the hash
+   @param md     The hash state
+   @param in     The data to hash
+   @param inlen  The length of the data (octets)
+   @return CRYPT_OK if successful
+*/
+HASH_PROCESS(rmd256_process, rmd256_compress, rmd256, 64)
+
+/**
+   Terminate the hash to get the digest
+   @param md  The hash state
+   @param out [out] The destination of the hash (16 bytes)
+   @return CRYPT_OK if successful
+*/
+int rmd256_done(hash_state * md, unsigned char *out)
+{
+    int i;
+
+    LTC_ARGCHK(md  != NULL);
+    LTC_ARGCHK(out != NULL);
+
+    if (md->rmd256.curlen >= sizeof(md->rmd256.buf)) {
+       return CRYPT_INVALID_ARG;
+    }
+
+
+    /* increase the length of the message */
+    md->rmd256.length += md->rmd256.curlen * 8;
+
+    /* append the '1' bit */
+    md->rmd256.buf[md->rmd256.curlen++] = (unsigned char)0x80;
+
+    /* if the length is currently above 56 bytes we append zeros
+     * then compress.  Then we can fall back to padding zeros and length
+     * encoding like normal.
+     */
+    if (md->rmd256.curlen > 56) {
+        while (md->rmd256.curlen < 64) {
+            md->rmd256.buf[md->rmd256.curlen++] = (unsigned char)0;
+        }
+        rmd256_compress(md, md->rmd256.buf);
+        md->rmd256.curlen = 0;
+    }
+
+    /* pad upto 56 bytes of zeroes */
+    while (md->rmd256.curlen < 56) {
+        md->rmd256.buf[md->rmd256.curlen++] = (unsigned char)0;
+    }
+
+    /* store length */
+    STORE64L(md->rmd256.length, md->rmd256.buf+56);
+    rmd256_compress(md, md->rmd256.buf);
+
+    /* copy output */
+    for (i = 0; i < 8; i++) {
+        STORE32L(md->rmd256.state[i], out+(4*i));
+    }
+#ifdef LTC_CLEAN_STACK
+    zeromem(md, sizeof(hash_state));
+#endif
+   return CRYPT_OK;
+}
+
+/**
+  Self-test the hash
+  @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
+*/
+int rmd256_test(void)
+{
+#ifndef LTC_TEST
+   return CRYPT_NOP;
+#else
+   static const struct {
+        char *msg;
+        unsigned char md[32];
+   } tests[] = {
+   { "",
+     { 0x02, 0xba, 0x4c, 0x4e, 0x5f, 0x8e, 0xcd, 0x18,
+       0x77, 0xfc, 0x52, 0xd6, 0x4d, 0x30, 0xe3, 0x7a,
+       0x2d, 0x97, 0x74, 0xfb, 0x1e, 0x5d, 0x02, 0x63,
+       0x80, 0xae, 0x01, 0x68, 0xe3, 0xc5, 0x52, 0x2d }
+   },
+   { "a",
+     { 0xf9, 0x33, 0x3e, 0x45, 0xd8, 0x57, 0xf5, 0xd9,
+       0x0a, 0x91, 0xba, 0xb7, 0x0a, 0x1e, 0xba, 0x0c,
+       0xfb, 0x1b, 0xe4, 0xb0, 0x78, 0x3c, 0x9a, 0xcf,
+       0xcd, 0x88, 0x3a, 0x91, 0x34, 0x69, 0x29, 0x25 }
+   },
+   { "abc",
+     { 0xaf, 0xbd, 0x6e, 0x22, 0x8b, 0x9d, 0x8c, 0xbb,
+       0xce, 0xf5, 0xca, 0x2d, 0x03, 0xe6, 0xdb, 0xa1,
+       0x0a, 0xc0, 0xbc, 0x7d, 0xcb, 0xe4, 0x68, 0x0e,
+       0x1e, 0x42, 0xd2, 0xe9, 0x75, 0x45, 0x9b, 0x65 }
+   },
+   { "message digest",
+     { 0x87, 0xe9, 0x71, 0x75, 0x9a, 0x1c, 0xe4, 0x7a,
+       0x51, 0x4d, 0x5c, 0x91, 0x4c, 0x39, 0x2c, 0x90,
+       0x18, 0xc7, 0xc4, 0x6b, 0xc1, 0x44, 0x65, 0x55,
+       0x4a, 0xfc, 0xdf, 0x54, 0xa5, 0x07, 0x0c, 0x0e }
+   },
+   { "abcdefghijklmnopqrstuvwxyz",
+     { 0x64, 0x9d, 0x30, 0x34, 0x75, 0x1e, 0xa2, 0x16,
+       0x77, 0x6b, 0xf9, 0xa1, 0x8a, 0xcc, 0x81, 0xbc,
+       0x78, 0x96, 0x11, 0x8a, 0x51, 0x97, 0x96, 0x87,
+       0x82, 0xdd, 0x1f, 0xd9, 0x7d, 0x8d, 0x51, 0x33 }
+   },
+   { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+     { 0x57, 0x40, 0xa4, 0x08, 0xac, 0x16, 0xb7, 0x20,
+       0xb8, 0x44, 0x24, 0xae, 0x93, 0x1c, 0xbb, 0x1f,
+       0xe3, 0x63, 0xd1, 0xd0, 0xbf, 0x40, 0x17, 0xf1,
+       0xa8, 0x9f, 0x7e, 0xa6, 0xde, 0x77, 0xa0, 0xb8 }
+   }
+   };
+   int x;
+   unsigned char buf[32];
+   hash_state md;
+
+   for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+       rmd256_init(&md);
+       rmd256_process(&md, (unsigned char *)tests[x].msg, strlen(tests[x].msg));
+       rmd256_done(&md, buf);
+       if (XMEMCMP(buf, tests[x].md, 32) != 0) {
+       #if 0
+          printf("Failed test %d\n", x);
+       #endif
+          return CRYPT_FAIL_TESTVECTOR;
+       }
+   }
+   return CRYPT_OK;
+#endif
+}
+
+#endif
+
diff --git a/libtomcrypt/src/hashes/rmd320.c b/libtomcrypt/src/hashes/rmd320.c
new file mode 100644
index 0000000..a11fca4
--- /dev/null
+++ b/libtomcrypt/src/hashes/rmd320.c
@@ -0,0 +1,495 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file rmd320.c
+   RMD320 hash function
+*/
+
+#ifdef RIPEMD320
+
+const struct ltc_hash_descriptor rmd320_desc =
+{
+    "rmd320",
+    9,
+    20,
+    64,
+
+    /* OID */
+   { 0 },
+   0,
+
+    &rmd320_init,
+    &rmd320_process,
+    &rmd320_done,
+    &rmd320_test,
+    NULL
+};
+
+/* the five basic functions F(), G() and H() */
+#define F(x, y, z)        ((x) ^ (y) ^ (z))
+#define G(x, y, z)        (((x) & (y)) | (~(x) & (z)))
+#define H(x, y, z)        (((x) | ~(y)) ^ (z))
+#define I(x, y, z)        (((x) & (z)) | ((y) & ~(z)))
+#define J(x, y, z)        ((x) ^ ((y) | ~(z)))
+
+/* the ten basic operations FF() through III() */
+#define FF(a, b, c, d, e, x, s)        \
+      (a) += F((b), (c), (d)) + (x);\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define GG(a, b, c, d, e, x, s)        \
+      (a) += G((b), (c), (d)) + (x) + 0x5a827999UL;\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define HH(a, b, c, d, e, x, s)        \
+      (a) += H((b), (c), (d)) + (x) + 0x6ed9eba1UL;\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define II(a, b, c, d, e, x, s)        \
+      (a) += I((b), (c), (d)) + (x) + 0x8f1bbcdcUL;\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define JJ(a, b, c, d, e, x, s)        \
+      (a) += J((b), (c), (d)) + (x) + 0xa953fd4eUL;\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define FFF(a, b, c, d, e, x, s)        \
+      (a) += F((b), (c), (d)) + (x);\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define GGG(a, b, c, d, e, x, s)        \
+      (a) += G((b), (c), (d)) + (x) + 0x7a6d76e9UL;\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define HHH(a, b, c, d, e, x, s)        \
+      (a) += H((b), (c), (d)) + (x) + 0x6d703ef3UL;\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define III(a, b, c, d, e, x, s)        \
+      (a) += I((b), (c), (d)) + (x) + 0x5c4dd124UL;\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+#define JJJ(a, b, c, d, e, x, s)        \
+      (a) += J((b), (c), (d)) + (x) + 0x50a28be6UL;\
+      (a) = ROLc((a), (s)) + (e);\
+      (c) = ROLc((c), 10);
+
+
+#ifdef LTC_CLEAN_STACK
+static int _rmd320_compress(hash_state *md, unsigned char *buf)
+#else
+static int  rmd320_compress(hash_state *md, unsigned char *buf)
+#endif
+{
+   ulong32 aa,bb,cc,dd,ee,aaa,bbb,ccc,ddd,eee,tmp,X[16];
+   int i;
+
+   /* load words X */
+   for (i = 0; i < 16; i++){
+      LOAD32L(X[i], buf + (4 * i));
+   }
+
+   /* load state */
+   aa = md->rmd320.state[0];
+   bb = md->rmd320.state[1];
+   cc = md->rmd320.state[2];
+   dd = md->rmd320.state[3];
+   ee = md->rmd320.state[4];
+   aaa = md->rmd320.state[5];
+   bbb = md->rmd320.state[6];
+   ccc = md->rmd320.state[7];
+   ddd = md->rmd320.state[8];
+   eee = md->rmd320.state[9];
+
+   /* round 1 */
+   FF(aa, bb, cc, dd, ee, X[ 0], 11);
+   FF(ee, aa, bb, cc, dd, X[ 1], 14);
+   FF(dd, ee, aa, bb, cc, X[ 2], 15);
+   FF(cc, dd, ee, aa, bb, X[ 3], 12);
+   FF(bb, cc, dd, ee, aa, X[ 4],  5);
+   FF(aa, bb, cc, dd, ee, X[ 5],  8);
+   FF(ee, aa, bb, cc, dd, X[ 6],  7);
+   FF(dd, ee, aa, bb, cc, X[ 7],  9);
+   FF(cc, dd, ee, aa, bb, X[ 8], 11);
+   FF(bb, cc, dd, ee, aa, X[ 9], 13);
+   FF(aa, bb, cc, dd, ee, X[10], 14);
+   FF(ee, aa, bb, cc, dd, X[11], 15);
+   FF(dd, ee, aa, bb, cc, X[12],  6);
+   FF(cc, dd, ee, aa, bb, X[13],  7);
+   FF(bb, cc, dd, ee, aa, X[14],  9);
+   FF(aa, bb, cc, dd, ee, X[15],  8);
+
+   /* parallel round 1 */
+   JJJ(aaa, bbb, ccc, ddd, eee, X[ 5],  8);
+   JJJ(eee, aaa, bbb, ccc, ddd, X[14],  9);
+   JJJ(ddd, eee, aaa, bbb, ccc, X[ 7],  9);
+   JJJ(ccc, ddd, eee, aaa, bbb, X[ 0], 11);
+   JJJ(bbb, ccc, ddd, eee, aaa, X[ 9], 13);
+   JJJ(aaa, bbb, ccc, ddd, eee, X[ 2], 15);
+   JJJ(eee, aaa, bbb, ccc, ddd, X[11], 15);
+   JJJ(ddd, eee, aaa, bbb, ccc, X[ 4],  5);
+   JJJ(ccc, ddd, eee, aaa, bbb, X[13],  7);
+   JJJ(bbb, ccc, ddd, eee, aaa, X[ 6],  7);
+   JJJ(aaa, bbb, ccc, ddd, eee, X[15],  8);
+   JJJ(eee, aaa, bbb, ccc, ddd, X[ 8], 11);
+   JJJ(ddd, eee, aaa, bbb, ccc, X[ 1], 14);
+   JJJ(ccc, ddd, eee, aaa, bbb, X[10], 14);
+   JJJ(bbb, ccc, ddd, eee, aaa, X[ 3], 12);
+   JJJ(aaa, bbb, ccc, ddd, eee, X[12],  6);
+
+   tmp = aa; aa = aaa; aaa = tmp;
+
+   /* round 2 */
+   GG(ee, aa, bb, cc, dd, X[ 7],  7);
+   GG(dd, ee, aa, bb, cc, X[ 4],  6);
+   GG(cc, dd, ee, aa, bb, X[13],  8);
+   GG(bb, cc, dd, ee, aa, X[ 1], 13);
+   GG(aa, bb, cc, dd, ee, X[10], 11);
+   GG(ee, aa, bb, cc, dd, X[ 6],  9);
+   GG(dd, ee, aa, bb, cc, X[15],  7);
+   GG(cc, dd, ee, aa, bb, X[ 3], 15);
+   GG(bb, cc, dd, ee, aa, X[12],  7);
+   GG(aa, bb, cc, dd, ee, X[ 0], 12);
+   GG(ee, aa, bb, cc, dd, X[ 9], 15);
+   GG(dd, ee, aa, bb, cc, X[ 5],  9);
+   GG(cc, dd, ee, aa, bb, X[ 2], 11);
+   GG(bb, cc, dd, ee, aa, X[14],  7);
+   GG(aa, bb, cc, dd, ee, X[11], 13);
+   GG(ee, aa, bb, cc, dd, X[ 8], 12);
+
+   /* parallel round 2 */
+   III(eee, aaa, bbb, ccc, ddd, X[ 6],  9);
+   III(ddd, eee, aaa, bbb, ccc, X[11], 13);
+   III(ccc, ddd, eee, aaa, bbb, X[ 3], 15);
+   III(bbb, ccc, ddd, eee, aaa, X[ 7],  7);
+   III(aaa, bbb, ccc, ddd, eee, X[ 0], 12);
+   III(eee, aaa, bbb, ccc, ddd, X[13],  8);
+   III(ddd, eee, aaa, bbb, ccc, X[ 5],  9);
+   III(ccc, ddd, eee, aaa, bbb, X[10], 11);
+   III(bbb, ccc, ddd, eee, aaa, X[14],  7);
+   III(aaa, bbb, ccc, ddd, eee, X[15],  7);
+   III(eee, aaa, bbb, ccc, ddd, X[ 8], 12);
+   III(ddd, eee, aaa, bbb, ccc, X[12],  7);
+   III(ccc, ddd, eee, aaa, bbb, X[ 4],  6);
+   III(bbb, ccc, ddd, eee, aaa, X[ 9], 15);
+   III(aaa, bbb, ccc, ddd, eee, X[ 1], 13);
+   III(eee, aaa, bbb, ccc, ddd, X[ 2], 11);
+
+   tmp = bb; bb = bbb; bbb = tmp;
+
+   /* round 3 */
+   HH(dd, ee, aa, bb, cc, X[ 3], 11);
+   HH(cc, dd, ee, aa, bb, X[10], 13);
+   HH(bb, cc, dd, ee, aa, X[14],  6);
+   HH(aa, bb, cc, dd, ee, X[ 4],  7);
+   HH(ee, aa, bb, cc, dd, X[ 9], 14);
+   HH(dd, ee, aa, bb, cc, X[15],  9);
+   HH(cc, dd, ee, aa, bb, X[ 8], 13);
+   HH(bb, cc, dd, ee, aa, X[ 1], 15);
+   HH(aa, bb, cc, dd, ee, X[ 2], 14);
+   HH(ee, aa, bb, cc, dd, X[ 7],  8);
+   HH(dd, ee, aa, bb, cc, X[ 0], 13);
+   HH(cc, dd, ee, aa, bb, X[ 6],  6);
+   HH(bb, cc, dd, ee, aa, X[13],  5);
+   HH(aa, bb, cc, dd, ee, X[11], 12);
+   HH(ee, aa, bb, cc, dd, X[ 5],  7);
+   HH(dd, ee, aa, bb, cc, X[12],  5);
+
+   /* parallel round 3 */
+   HHH(ddd, eee, aaa, bbb, ccc, X[15],  9);
+   HHH(ccc, ddd, eee, aaa, bbb, X[ 5],  7);
+   HHH(bbb, ccc, ddd, eee, aaa, X[ 1], 15);
+   HHH(aaa, bbb, ccc, ddd, eee, X[ 3], 11);
+   HHH(eee, aaa, bbb, ccc, ddd, X[ 7],  8);
+   HHH(ddd, eee, aaa, bbb, ccc, X[14],  6);
+   HHH(ccc, ddd, eee, aaa, bbb, X[ 6],  6);
+   HHH(bbb, ccc, ddd, eee, aaa, X[ 9], 14);
+   HHH(aaa, bbb, ccc, ddd, eee, X[11], 12);
+   HHH(eee, aaa, bbb, ccc, ddd, X[ 8], 13);
+   HHH(ddd, eee, aaa, bbb, ccc, X[12],  5);
+   HHH(ccc, ddd, eee, aaa, bbb, X[ 2], 14);
+   HHH(bbb, ccc, ddd, eee, aaa, X[10], 13);
+   HHH(aaa, bbb, ccc, ddd, eee, X[ 0], 13);
+   HHH(eee, aaa, bbb, ccc, ddd, X[ 4],  7);
+   HHH(ddd, eee, aaa, bbb, ccc, X[13],  5);
+
+   tmp = cc; cc = ccc; ccc = tmp;
+
+   /* round 4 */
+   II(cc, dd, ee, aa, bb, X[ 1], 11);
+   II(bb, cc, dd, ee, aa, X[ 9], 12);
+   II(aa, bb, cc, dd, ee, X[11], 14);
+   II(ee, aa, bb, cc, dd, X[10], 15);
+   II(dd, ee, aa, bb, cc, X[ 0], 14);
+   II(cc, dd, ee, aa, bb, X[ 8], 15);
+   II(bb, cc, dd, ee, aa, X[12],  9);
+   II(aa, bb, cc, dd, ee, X[ 4],  8);
+   II(ee, aa, bb, cc, dd, X[13],  9);
+   II(dd, ee, aa, bb, cc, X[ 3], 14);
+   II(cc, dd, ee, aa, bb, X[ 7],  5);
+   II(bb, cc, dd, ee, aa, X[15],  6);
+   II(aa, bb, cc, dd, ee, X[14],  8);
+   II(ee, aa, bb, cc, dd, X[ 5],  6);
+   II(dd, ee, aa, bb, cc, X[ 6],  5);
+   II(cc, dd, ee, aa, bb, X[ 2], 12);
+
+   /* parallel round 4 */
+   GGG(ccc, ddd, eee, aaa, bbb, X[ 8], 15);
+   GGG(bbb, ccc, ddd, eee, aaa, X[ 6],  5);
+   GGG(aaa, bbb, ccc, ddd, eee, X[ 4],  8);
+   GGG(eee, aaa, bbb, ccc, ddd, X[ 1], 11);
+   GGG(ddd, eee, aaa, bbb, ccc, X[ 3], 14);
+   GGG(ccc, ddd, eee, aaa, bbb, X[11], 14);
+   GGG(bbb, ccc, ddd, eee, aaa, X[15],  6);
+   GGG(aaa, bbb, ccc, ddd, eee, X[ 0], 14);
+   GGG(eee, aaa, bbb, ccc, ddd, X[ 5],  6);
+   GGG(ddd, eee, aaa, bbb, ccc, X[12],  9);
+   GGG(ccc, ddd, eee, aaa, bbb, X[ 2], 12);
+   GGG(bbb, ccc, ddd, eee, aaa, X[13],  9);
+   GGG(aaa, bbb, ccc, ddd, eee, X[ 9], 12);
+   GGG(eee, aaa, bbb, ccc, ddd, X[ 7],  5);
+   GGG(ddd, eee, aaa, bbb, ccc, X[10], 15);
+   GGG(ccc, ddd, eee, aaa, bbb, X[14],  8);
+
+   tmp = dd; dd = ddd; ddd = tmp;
+
+   /* round 5 */
+   JJ(bb, cc, dd, ee, aa, X[ 4],  9);
+   JJ(aa, bb, cc, dd, ee, X[ 0], 15);
+   JJ(ee, aa, bb, cc, dd, X[ 5],  5);
+   JJ(dd, ee, aa, bb, cc, X[ 9], 11);
+   JJ(cc, dd, ee, aa, bb, X[ 7],  6);
+   JJ(bb, cc, dd, ee, aa, X[12],  8);
+   JJ(aa, bb, cc, dd, ee, X[ 2], 13);
+   JJ(ee, aa, bb, cc, dd, X[10], 12);
+   JJ(dd, ee, aa, bb, cc, X[14],  5);
+   JJ(cc, dd, ee, aa, bb, X[ 1], 12);
+   JJ(bb, cc, dd, ee, aa, X[ 3], 13);
+   JJ(aa, bb, cc, dd, ee, X[ 8], 14);
+   JJ(ee, aa, bb, cc, dd, X[11], 11);
+   JJ(dd, ee, aa, bb, cc, X[ 6],  8);
+   JJ(cc, dd, ee, aa, bb, X[15],  5);
+   JJ(bb, cc, dd, ee, aa, X[13],  6);
+
+   /* parallel round 5 */
+   FFF(bbb, ccc, ddd, eee, aaa, X[12] ,  8);
+   FFF(aaa, bbb, ccc, ddd, eee, X[15] ,  5);
+   FFF(eee, aaa, bbb, ccc, ddd, X[10] , 12);
+   FFF(ddd, eee, aaa, bbb, ccc, X[ 4] ,  9);
+   FFF(ccc, ddd, eee, aaa, bbb, X[ 1] , 12);
+   FFF(bbb, ccc, ddd, eee, aaa, X[ 5] ,  5);
+   FFF(aaa, bbb, ccc, ddd, eee, X[ 8] , 14);
+   FFF(eee, aaa, bbb, ccc, ddd, X[ 7] ,  6);
+   FFF(ddd, eee, aaa, bbb, ccc, X[ 6] ,  8);
+   FFF(ccc, ddd, eee, aaa, bbb, X[ 2] , 13);
+   FFF(bbb, ccc, ddd, eee, aaa, X[13] ,  6);
+   FFF(aaa, bbb, ccc, ddd, eee, X[14] ,  5);
+   FFF(eee, aaa, bbb, ccc, ddd, X[ 0] , 15);
+   FFF(ddd, eee, aaa, bbb, ccc, X[ 3] , 13);
+   FFF(ccc, ddd, eee, aaa, bbb, X[ 9] , 11);
+   FFF(bbb, ccc, ddd, eee, aaa, X[11] , 11);
+
+   tmp = ee; ee = eee; eee = tmp;
+
+   /* combine results */
+   md->rmd320.state[0] += aa;
+   md->rmd320.state[1] += bb;
+   md->rmd320.state[2] += cc;
+   md->rmd320.state[3] += dd;
+   md->rmd320.state[4] += ee;
+   md->rmd320.state[5] += aaa;
+   md->rmd320.state[6] += bbb;
+   md->rmd320.state[7] += ccc;
+   md->rmd320.state[8] += ddd;
+   md->rmd320.state[9] += eee;
+
+   return CRYPT_OK;
+}
+
+#ifdef LTC_CLEAN_STACK
+static int rmd320_compress(hash_state *md, unsigned char *buf)
+{
+   int err;
+   err = _rmd320_compress(md, buf);
+   burn_stack(sizeof(ulong32) * 27 + sizeof(int));
+   return err;
+}
+#endif
+
+/**
+   Initialize the hash state
+   @param md   The hash state you wish to initialize
+   @return CRYPT_OK if successful
+*/
+int rmd320_init(hash_state * md)
+{
+   LTC_ARGCHK(md != NULL);
+   md->rmd320.state[0] = 0x67452301UL;
+   md->rmd320.state[1] = 0xefcdab89UL;
+   md->rmd320.state[2] = 0x98badcfeUL;
+   md->rmd320.state[3] = 0x10325476UL;
+   md->rmd320.state[4] = 0xc3d2e1f0UL;
+   md->rmd320.state[5] = 0x76543210UL;
+   md->rmd320.state[6] = 0xfedcba98UL;
+   md->rmd320.state[7] = 0x89abcdefUL;
+   md->rmd320.state[8] = 0x01234567UL;
+   md->rmd320.state[9] = 0x3c2d1e0fUL;
+   md->rmd320.curlen   = 0;
+   md->rmd320.length   = 0;
+   return CRYPT_OK;
+}
+
+/**
+   Process a block of memory though the hash
+   @param md     The hash state
+   @param in     The data to hash
+   @param inlen  The length of the data (octets)
+   @return CRYPT_OK if successful
+*/
+HASH_PROCESS(rmd320_process, rmd320_compress, rmd320, 64)
+
+/**
+   Terminate the hash to get the digest
+   @param md  The hash state
+   @param out [out] The destination of the hash (20 bytes)
+   @return CRYPT_OK if successful
+*/
+int rmd320_done(hash_state * md, unsigned char *out)
+{
+    int i;
+
+    LTC_ARGCHK(md  != NULL);
+    LTC_ARGCHK(out != NULL);
+
+    if (md->rmd320.curlen >= sizeof(md->rmd320.buf)) {
+       return CRYPT_INVALID_ARG;
+    }
+
+
+    /* increase the length of the message */
+    md->rmd320.length += md->rmd320.curlen * 8;
+
+    /* append the '1' bit */
+    md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0x80;
+
+    /* if the length is currently above 56 bytes we append zeros
+     * then compress.  Then we can fall back to padding zeros and length
+     * encoding like normal.
+     */
+    if (md->rmd320.curlen > 56) {
+        while (md->rmd320.curlen < 64) {
+            md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0;
+        }
+        rmd320_compress(md, md->rmd320.buf);
+        md->rmd320.curlen = 0;
+    }
+
+    /* pad upto 56 bytes of zeroes */
+    while (md->rmd320.curlen < 56) {
+        md->rmd320.buf[md->rmd320.curlen++] = (unsigned char)0;
+    }
+
+    /* store length */
+    STORE64L(md->rmd320.length, md->rmd320.buf+56);
+    rmd320_compress(md, md->rmd320.buf);
+
+    /* copy output */
+    for (i = 0; i < 10; i++) {
+        STORE32L(md->rmd320.state[i], out+(4*i));
+    }
+#ifdef LTC_CLEAN_STACK
+    zeromem(md, sizeof(hash_state));
+#endif
+    return CRYPT_OK;
+}
+
+/**
+  Self-test the hash
+  @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
+*/
+int rmd320_test(void)
+{
+#ifndef LTC_TEST
+   return CRYPT_NOP;
+#else
+   static const struct {
+        char *msg;
+        unsigned char md[40];
+   } tests[] = {
+   { "",
+     { 0x22, 0xd6, 0x5d, 0x56, 0x61, 0x53, 0x6c, 0xdc, 0x75, 0xc1,
+       0xfd, 0xf5, 0xc6, 0xde, 0x7b, 0x41, 0xb9, 0xf2, 0x73, 0x25,
+       0xeb, 0xc6, 0x1e, 0x85, 0x57, 0x17, 0x7d, 0x70, 0x5a, 0x0e,
+       0xc8, 0x80, 0x15, 0x1c, 0x3a, 0x32, 0xa0, 0x08, 0x99, 0xb8 }
+   },
+   { "a",
+     { 0xce, 0x78, 0x85, 0x06, 0x38, 0xf9, 0x26, 0x58, 0xa5, 0xa5,
+       0x85, 0x09, 0x75, 0x79, 0x92, 0x6d, 0xda, 0x66, 0x7a, 0x57,
+       0x16, 0x56, 0x2c, 0xfc, 0xf6, 0xfb, 0xe7, 0x7f, 0x63, 0x54,
+       0x2f, 0x99, 0xb0, 0x47, 0x05, 0xd6, 0x97, 0x0d, 0xff, 0x5d }
+   },
+   { "abc",
+     { 0xde, 0x4c, 0x01, 0xb3, 0x05, 0x4f, 0x89, 0x30, 0xa7, 0x9d,
+       0x09, 0xae, 0x73, 0x8e, 0x92, 0x30, 0x1e, 0x5a, 0x17, 0x08,
+       0x5b, 0xef, 0xfd, 0xc1, 0xb8, 0xd1, 0x16, 0x71, 0x3e, 0x74,
+       0xf8, 0x2f, 0xa9, 0x42, 0xd6, 0x4c, 0xdb, 0xc4, 0x68, 0x2d }
+   },
+   { "message digest",
+     { 0x3a, 0x8e, 0x28, 0x50, 0x2e, 0xd4, 0x5d, 0x42, 0x2f, 0x68,
+       0x84, 0x4f, 0x9d, 0xd3, 0x16, 0xe7, 0xb9, 0x85, 0x33, 0xfa,
+       0x3f, 0x2a, 0x91, 0xd2, 0x9f, 0x84, 0xd4, 0x25, 0xc8, 0x8d,
+       0x6b, 0x4e, 0xff, 0x72, 0x7d, 0xf6, 0x6a, 0x7c, 0x01, 0x97 }
+   },
+   { "abcdefghijklmnopqrstuvwxyz",
+     { 0xca, 0xbd, 0xb1, 0x81, 0x0b, 0x92, 0x47, 0x0a, 0x20, 0x93,
+       0xaa, 0x6b, 0xce, 0x05, 0x95, 0x2c, 0x28, 0x34, 0x8c, 0xf4,
+       0x3f, 0xf6, 0x08, 0x41, 0x97, 0x51, 0x66, 0xbb, 0x40, 0xed,
+       0x23, 0x40, 0x04, 0xb8, 0x82, 0x44, 0x63, 0xe6, 0xb0, 0x09 }
+   },
+   { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+     { 0xd0, 0x34, 0xa7, 0x95, 0x0c, 0xf7, 0x22, 0x02, 0x1b, 0xa4,
+       0xb8, 0x4d, 0xf7, 0x69, 0xa5, 0xde, 0x20, 0x60, 0xe2, 0x59,
+       0xdf, 0x4c, 0x9b, 0xb4, 0xa4, 0x26, 0x8c, 0x0e, 0x93, 0x5b,
+       0xbc, 0x74, 0x70, 0xa9, 0x69, 0xc9, 0xd0, 0x72, 0xa1, 0xac }
+   }
+   };
+   int x;
+   unsigned char buf[40];
+   hash_state md;
+
+   for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+       rmd320_init(&md);
+       rmd320_process(&md, (unsigned char *)tests[x].msg, strlen(tests[x].msg));
+       rmd320_done(&md, buf);
+       if (XMEMCMP(buf, tests[x].md, 40) != 0) {
+#if 0
+          printf("Failed test %d\n", x);
+#endif
+          return CRYPT_FAIL_TESTVECTOR;
+       }
+   }
+   return CRYPT_OK;
+#endif
+}
+
+#endif
+
diff --git a/libtomcrypt/src/hashes/sha1.c b/libtomcrypt/src/hashes/sha1.c
index a75d04d..8cc6855 100644
--- a/libtomcrypt/src/hashes/sha1.c
+++ b/libtomcrypt/src/hashes/sha1.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -32,7 +32,8 @@ const struct ltc_hash_descriptor sha1_desc =
     &sha1_init,
     &sha1_process,
     &sha1_done,
-    &sha1_test
+    &sha1_test,
+    NULL
 };
 
 #define F0(x,y,z)  (z ^ (x & (y ^ z)))
@@ -270,7 +271,7 @@ int  sha1_test(void)
       sha1_init(&md);
       sha1_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
       sha1_done(&md, tmp);
-      if (memcmp(tmp, tests[i].hash, 20) != 0) {
+      if (XMEMCMP(tmp, tests[i].hash, 20) != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
   }
@@ -283,5 +284,5 @@ int  sha1_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha1.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/sha2/sha224.c b/libtomcrypt/src/hashes/sha2/sha224.c
index bff2fdf..f085d50 100644
--- a/libtomcrypt/src/hashes/sha2/sha224.c
+++ b/libtomcrypt/src/hashes/sha2/sha224.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 /**
    @param sha224.c
@@ -27,7 +27,8 @@ const struct ltc_hash_descriptor sha224_desc =
     &sha224_init,
     &sha256_process,
     &sha224_done,
-    &sha224_test
+    &sha224_test,
+    NULL
 };
 
 /* init the sha256 er... sha224 state ;-) */
@@ -110,7 +111,7 @@ int  sha224_test(void)
       sha224_init(&md);
       sha224_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
       sha224_done(&md, tmp);
-      if (memcmp(tmp, tests[i].hash, 28) != 0) {
+      if (XMEMCMP(tmp, tests[i].hash, 28) != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
   }
@@ -120,5 +121,5 @@ int  sha224_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha2/sha224.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/sha2/sha256.c b/libtomcrypt/src/hashes/sha2/sha256.c
index c48c0f6..2b42cb7 100644
--- a/libtomcrypt/src/hashes/sha2/sha256.c
+++ b/libtomcrypt/src/hashes/sha2/sha256.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -31,12 +31,13 @@ const struct ltc_hash_descriptor sha256_desc =
     &sha256_init,
     &sha256_process,
     &sha256_done,
-    &sha256_test
+    &sha256_test,
+    NULL
 };
 
 #ifdef LTC_SMALL_CODE
 /* the K array */
-static const unsigned long K[64] = {
+static const ulong32 K[64] = {
     0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL, 0x3956c25bUL,
     0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL, 0xd807aa98UL, 0x12835b01UL,
     0x243185beUL, 0x550c7dc3UL, 0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL,
@@ -318,7 +319,7 @@ int  sha256_test(void)
       sha256_init(&md);
       sha256_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
       sha256_done(&md, tmp);
-      if (memcmp(tmp, tests[i].hash, 32) != 0) {
+      if (XMEMCMP(tmp, tests[i].hash, 32) != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
   }
@@ -335,5 +336,5 @@ int  sha256_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha2/sha256.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/sha2/sha384.c b/libtomcrypt/src/hashes/sha2/sha384.c
index 43f8fb6..ac7709c 100644
--- a/libtomcrypt/src/hashes/sha2/sha384.c
+++ b/libtomcrypt/src/hashes/sha2/sha384.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 /** 
    @param sha384.c
@@ -27,7 +27,8 @@ const struct ltc_hash_descriptor sha384_desc =
     &sha384_init,
     &sha512_process,
     &sha384_done,
-    &sha384_test
+    &sha384_test,
+    NULL
 };
 
 /**
@@ -116,7 +117,7 @@ int  sha384_test(void)
       sha384_init(&md);
       sha384_process(&md, (unsigned char*)tests[i].msg, (unsigned long)strlen(tests[i].msg));
       sha384_done(&md, tmp);
-      if (memcmp(tmp, tests[i].hash, 48) != 0) {
+      if (XMEMCMP(tmp, tests[i].hash, 48) != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
   }
@@ -130,5 +131,5 @@ int  sha384_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha2/sha384.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/sha2/sha512.c b/libtomcrypt/src/hashes/sha2/sha512.c
index 7b6805b..08c95ef 100644
--- a/libtomcrypt/src/hashes/sha2/sha512.c
+++ b/libtomcrypt/src/hashes/sha2/sha512.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -31,7 +31,8 @@ const struct ltc_hash_descriptor sha512_desc =
     &sha512_init,
     &sha512_process,
     &sha512_done,
-    &sha512_test
+    &sha512_test,
+    NULL
 };
 
 /* the K array */
@@ -296,7 +297,7 @@ int  sha512_test(void)
       sha512_init(&md);
       sha512_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
       sha512_done(&md, tmp);
-      if (memcmp(tmp, tests[i].hash, 64) != 0) {
+      if (XMEMCMP(tmp, tests[i].hash, 64) != 0) {
          return CRYPT_FAIL_TESTVECTOR;
       }
   }
@@ -314,5 +315,5 @@ int  sha512_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/sha2/sha512.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/tiger.c b/libtomcrypt/src/hashes/tiger.c
index 250c186..9a4052c 100644
--- a/libtomcrypt/src/hashes/tiger.c
+++ b/libtomcrypt/src/hashes/tiger.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 #include "tomcrypt.h"
@@ -32,7 +32,8 @@ const struct ltc_hash_descriptor tiger_desc =
     &tiger_init,
     &tiger_process,
     &tiger_done,
-    &tiger_test
+    &tiger_test,
+    NULL
 };
 
 #define t1 (table)
@@ -774,7 +775,7 @@ int  tiger_test(void)
       tiger_init(&md);
       tiger_process(&md, (unsigned char *)tests[i].msg, (unsigned long)strlen(tests[i].msg));
       tiger_done(&md, tmp);
-      if (memcmp(tmp, tests[i].hash, 24) != 0) {
+      if (XMEMCMP(tmp, tests[i].hash, 24) != 0) {
           return CRYPT_FAIL_TESTVECTOR;
       }
   }
@@ -809,5 +810,5 @@ Hash of "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFG
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/tiger.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/hashes/whirl/whirl.c b/libtomcrypt/src/hashes/whirl/whirl.c
index 1bd7983..65e38a7 100644
--- a/libtomcrypt/src/hashes/whirl/whirl.c
+++ b/libtomcrypt/src/hashes/whirl/whirl.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /** 
@@ -32,7 +32,8 @@ const struct ltc_hash_descriptor whirlpool_desc =
     &whirlpool_init,
     &whirlpool_process,
     &whirlpool_done,
-    &whirlpool_test
+    &whirlpool_test,
+    NULL
 };
 
 /* the sboxes */
@@ -289,7 +290,7 @@ int  whirlpool_test(void)
       whirlpool_init(&md);
       whirlpool_process(&md, (unsigned char *)tests[i].msg, tests[i].len);
       whirlpool_done(&md, tmp);
-      if (memcmp(tmp, tests[i].hash, 64) != 0) {
+      if (XMEMCMP(tmp, tests[i].hash, 64) != 0) {
 #if 0      
          printf("\nFailed test %d\n", i);
          for (i = 0; i < 64; ) {
@@ -309,5 +310,5 @@ int  whirlpool_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/hashes/whirl/whirl.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/23 02:42:07 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/headers/ltc_tommath.h b/libtomcrypt/src/headers/ltc_tommath.h
deleted file mode 100644
index 2d62b4e..0000000
--- a/libtomcrypt/src/headers/ltc_tommath.h
+++ /dev/null
@@ -1,581 +0,0 @@
-/* LibTomMath, multiple-precision integer library -- Tom St Denis
- *
- * LibTomMath is a library that provides multiple-precision
- * integer arithmetic as well as number theoretic functionality.
- *
- * The library was designed directly after the MPI library by
- * Michael Fromberger but has been written from scratch with
- * additional optimizations in place.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@iahu.ca, http://math.libtomcrypt.org
- */
-#ifndef BN_H_
-#define BN_H_
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <limits.h>
-
-#include <tommath_class.h>
-
-#undef MIN
-#define MIN(x,y) ((x)<(y)?(x):(y))
-#undef MAX
-#define MAX(x,y) ((x)>(y)?(x):(y))
-
-#ifdef __cplusplus
-extern "C" {
-
-/* C++ compilers don't like assigning void * to mp_digit * */
-#define  OPT_CAST(x)  (x *)
-
-#else
-
-/* C on the other hand doesn't care */
-#define  OPT_CAST(x)
-
-#endif
-
-
-/* detect 64-bit mode if possible */
-#if defined(__x86_64__) 
-   #if !(defined(MP_64BIT) && defined(MP_16BIT) && defined(MP_8BIT))
-      #define MP_64BIT
-   #endif
-#endif
-
-/* some default configurations.
- *
- * A "mp_digit" must be able to hold DIGIT_BIT + 1 bits
- * A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits
- *
- * At the very least a mp_digit must be able to hold 7 bits
- * [any size beyond that is ok provided it doesn't overflow the data type]
- */
-#ifdef MP_8BIT
-   typedef unsigned char      mp_digit;
-   typedef unsigned short     mp_word;
-#elif defined(MP_16BIT)
-   typedef unsigned short     mp_digit;
-   typedef unsigned long      mp_word;
-#elif defined(MP_64BIT)
-   /* for GCC only on supported platforms */
-#ifndef CRYPT
-   typedef unsigned long long ulong64;
-   typedef signed long long   long64;
-#endif
-
-   typedef unsigned long      mp_digit;
-   typedef unsigned long      mp_word __attribute__ ((mode(TI)));
-
-   #define DIGIT_BIT          60
-#else
-   /* this is the default case, 28-bit digits */
-   
-   /* this is to make porting into LibTomCrypt easier :-) */
-#ifndef CRYPT
-   #if defined(_MSC_VER) || defined(__BORLANDC__) 
-      typedef unsigned __int64   ulong64;
-      typedef signed __int64     long64;
-   #else
-      typedef unsigned long long ulong64;
-      typedef signed long long   long64;
-   #endif
-#endif
-
-   typedef unsigned long      mp_digit;
-   typedef ulong64            mp_word;
-
-#ifdef MP_31BIT   
-   /* this is an extension that uses 31-bit digits */
-   #define DIGIT_BIT          31
-#else
-   /* default case is 28-bit digits, defines MP_28BIT as a handy macro to test */
-   #define DIGIT_BIT          28
-   #define MP_28BIT
-#endif   
-#endif
-
-/* define heap macros */
-#ifndef CRYPT
-   /* default to libc stuff */
-   #ifndef XMALLOC 
-       #define XMALLOC  malloc
-       #define XFREE    free
-       #define XREALLOC realloc
-       #define XCALLOC  calloc
-   #else
-      /* prototypes for our heap functions */
-      extern void *XMALLOC(size_t n);
-      extern void *XREALLOC(void *p, size_t n);
-      extern void *XCALLOC(size_t n, size_t s);
-      extern void XFREE(void *p);
-   #endif
-#endif
-
-
-/* otherwise the bits per digit is calculated automatically from the size of a mp_digit */
-#ifndef DIGIT_BIT
-   #define DIGIT_BIT     ((int)((CHAR_BIT * sizeof(mp_digit) - 1)))  /* bits per digit */
-#endif
-
-#define MP_DIGIT_BIT     DIGIT_BIT
-#define MP_MASK          ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))
-#define MP_DIGIT_MAX     MP_MASK
-
-/* equalities */
-#define MP_LT        -1   /* less than */
-#define MP_EQ         0   /* equal to */
-#define MP_GT         1   /* greater than */
-
-#define MP_ZPOS       0   /* positive integer */
-#define MP_NEG        1   /* negative */
-
-#define MP_OKAY       0   /* ok result */
-#define MP_MEM        -2  /* out of mem */
-#define MP_VAL        -3  /* invalid input */
-#define MP_RANGE      MP_VAL
-
-#define MP_YES        1   /* yes response */
-#define MP_NO         0   /* no response */
-
-/* Primality generation flags */
-#define LTM_PRIME_BBS      0x0001 /* BBS style prime */
-#define LTM_PRIME_SAFE     0x0002 /* Safe prime (p-1)/2 == prime */
-#define LTM_PRIME_2MSB_ON  0x0008 /* force 2nd MSB to 1 */
-
-typedef int           mp_err;
-
-/* you'll have to tune these... */
-extern int KARATSUBA_MUL_CUTOFF,
-           KARATSUBA_SQR_CUTOFF,
-           TOOM_MUL_CUTOFF,
-           TOOM_SQR_CUTOFF;
-
-/* define this to use lower memory usage routines (exptmods mostly) */
-/* #define MP_LOW_MEM */
-
-/* default precision */
-#ifndef MP_PREC
-   #ifndef MP_LOW_MEM
-      #define MP_PREC                 64     /* default digits of precision */
-   #else
-      #define MP_PREC                 8      /* default digits of precision */
-   #endif   
-#endif
-
-/* size of comba arrays, should be at least 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2) */
-#define MP_WARRAY               (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
-
-/* the infamous mp_int structure */
-typedef struct  {
-    int used, alloc, sign;
-    mp_digit *dp;
-} mp_int;
-
-/* callback for mp_prime_random, should fill dst with random bytes and return how many read [upto len] */
-typedef int ltm_prime_callback(unsigned char *dst, int len, void *dat);
-
-
-#define USED(m)    ((m)->used)
-#define DIGIT(m,k) ((m)->dp[(k)])
-#define SIGN(m)    ((m)->sign)
-
-/* error code to char* string */
-char *mp_error_to_string(int code);
-
-/* ---> init and deinit bignum functions <--- */
-/* init a bignum */
-int mp_init(mp_int *a);
-
-/* free a bignum */
-void mp_clear(mp_int *a);
-
-/* init a null terminated series of arguments */
-int mp_init_multi(mp_int *mp, ...);
-
-/* clear a null terminated series of arguments */
-void mp_clear_multi(mp_int *mp, ...);
-
-/* exchange two ints */
-void mp_exch(mp_int *a, mp_int *b);
-
-/* shrink ram required for a bignum */
-int mp_shrink(mp_int *a);
-
-/* grow an int to a given size */
-int mp_grow(mp_int *a, int size);
-
-/* init to a given number of digits */
-int mp_init_size(mp_int *a, int size);
-
-/* ---> Basic Manipulations <--- */
-#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO)
-#define mp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? MP_YES : MP_NO)
-#define mp_isodd(a)  (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? MP_YES : MP_NO)
-
-/* set to zero */
-void mp_zero(mp_int *a);
-
-/* set to a digit */
-void mp_set(mp_int *a, mp_digit b);
-
-/* set a 32-bit const */
-int mp_set_int(mp_int *a, unsigned long b);
-
-/* get a 32-bit value */
-unsigned long mp_get_int(mp_int * a);
-
-/* initialize and set a digit */
-int mp_init_set (mp_int * a, mp_digit b);
-
-/* initialize and set 32-bit value */
-int mp_init_set_int (mp_int * a, unsigned long b);
-
-/* copy, b = a */
-int mp_copy(mp_int *a, mp_int *b);
-
-/* inits and copies, a = b */
-int mp_init_copy(mp_int *a, mp_int *b);
-
-/* trim unused digits */
-void mp_clamp(mp_int *a);
-
-/* ---> digit manipulation <--- */
-
-/* right shift by "b" digits */
-void mp_rshd(mp_int *a, int b);
-
-/* left shift by "b" digits */
-int mp_lshd(mp_int *a, int b);
-
-/* c = a / 2**b */
-int mp_div_2d(mp_int *a, int b, mp_int *c, mp_int *d);
-
-/* b = a/2 */
-int mp_div_2(mp_int *a, mp_int *b);
-
-/* c = a * 2**b */
-int mp_mul_2d(mp_int *a, int b, mp_int *c);
-
-/* b = a*2 */
-int mp_mul_2(mp_int *a, mp_int *b);
-
-/* c = a mod 2**d */
-int mp_mod_2d(mp_int *a, int b, mp_int *c);
-
-/* computes a = 2**b */
-int mp_2expt(mp_int *a, int b);
-
-/* Counts the number of lsbs which are zero before the first zero bit */
-int mp_cnt_lsb(mp_int *a);
-
-/* I Love Earth! */
-
-/* makes a pseudo-random int of a given size */
-int mp_rand(mp_int *a, int digits);
-
-/* ---> binary operations <--- */
-/* c = a XOR b  */
-int mp_xor(mp_int *a, mp_int *b, mp_int *c);
-
-/* c = a OR b */
-int mp_or(mp_int *a, mp_int *b, mp_int *c);
-
-/* c = a AND b */
-int mp_and(mp_int *a, mp_int *b, mp_int *c);
-
-/* ---> Basic arithmetic <--- */
-
-/* b = -a */
-int mp_neg(mp_int *a, mp_int *b);
-
-/* b = |a| */
-int mp_abs(mp_int *a, mp_int *b);
-
-/* compare a to b */
-int mp_cmp(mp_int *a, mp_int *b);
-
-/* compare |a| to |b| */
-int mp_cmp_mag(mp_int *a, mp_int *b);
-
-/* c = a + b */
-int mp_add(mp_int *a, mp_int *b, mp_int *c);
-
-/* c = a - b */
-int mp_sub(mp_int *a, mp_int *b, mp_int *c);
-
-/* c = a * b */
-int mp_mul(mp_int *a, mp_int *b, mp_int *c);
-
-/* b = a*a  */
-int mp_sqr(mp_int *a, mp_int *b);
-
-/* a/b => cb + d == a */
-int mp_div(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/* c = a mod b, 0 <= c < b  */
-int mp_mod(mp_int *a, mp_int *b, mp_int *c);
-
-/* ---> single digit functions <--- */
-
-/* compare against a single digit */
-int mp_cmp_d(mp_int *a, mp_digit b);
-
-/* c = a + b */
-int mp_add_d(mp_int *a, mp_digit b, mp_int *c);
-
-/* c = a - b */
-int mp_sub_d(mp_int *a, mp_digit b, mp_int *c);
-
-/* c = a * b */
-int mp_mul_d(mp_int *a, mp_digit b, mp_int *c);
-
-/* a/b => cb + d == a */
-int mp_div_d(mp_int *a, mp_digit b, mp_int *c, mp_digit *d);
-
-/* a/3 => 3c + d == a */
-int mp_div_3(mp_int *a, mp_int *c, mp_digit *d);
-
-/* c = a**b */
-int mp_expt_d(mp_int *a, mp_digit b, mp_int *c);
-
-/* c = a mod b, 0 <= c < b  */
-int mp_mod_d(mp_int *a, mp_digit b, mp_digit *c);
-
-/* ---> number theory <--- */
-
-/* d = a + b (mod c) */
-int mp_addmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/* d = a - b (mod c) */
-int mp_submod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/* d = a * b (mod c) */
-int mp_mulmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/* c = a * a (mod b) */
-int mp_sqrmod(mp_int *a, mp_int *b, mp_int *c);
-
-/* c = 1/a (mod b) */
-int mp_invmod(mp_int *a, mp_int *b, mp_int *c);
-
-/* c = (a, b) */
-int mp_gcd(mp_int *a, mp_int *b, mp_int *c);
-
-/* produces value such that U1*a + U2*b = U3 */
-int mp_exteuclid(mp_int *a, mp_int *b, mp_int *U1, mp_int *U2, mp_int *U3);
-
-/* c = [a, b] or (a*b)/(a, b) */
-int mp_lcm(mp_int *a, mp_int *b, mp_int *c);
-
-/* finds one of the b'th root of a, such that |c|**b <= |a|
- *
- * returns error if a < 0 and b is even
- */
-int mp_n_root(mp_int *a, mp_digit b, mp_int *c);
-
-/* special sqrt algo */
-int mp_sqrt(mp_int *arg, mp_int *ret);
-
-/* is number a square? */
-int mp_is_square(mp_int *arg, int *ret);
-
-/* computes the jacobi c = (a | n) (or Legendre if b is prime)  */
-int mp_jacobi(mp_int *a, mp_int *n, int *c);
-
-/* used to setup the Barrett reduction for a given modulus b */
-int mp_reduce_setup(mp_int *a, mp_int *b);
-
-/* Barrett Reduction, computes a (mod b) with a precomputed value c
- *
- * Assumes that 0 < a <= b*b, note if 0 > a > -(b*b) then you can merely
- * compute the reduction as -1 * mp_reduce(mp_abs(a)) [pseudo code].
- */
-int mp_reduce(mp_int *a, mp_int *b, mp_int *c);
-
-/* setups the montgomery reduction */
-int mp_montgomery_setup(mp_int *a, mp_digit *mp);
-
-/* computes a = B**n mod b without division or multiplication useful for
- * normalizing numbers in a Montgomery system.
- */
-int mp_montgomery_calc_normalization(mp_int *a, mp_int *b);
-
-/* computes x/R == x (mod N) via Montgomery Reduction */
-int mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp);
-
-/* returns 1 if a is a valid DR modulus */
-int mp_dr_is_modulus(mp_int *a);
-
-/* sets the value of "d" required for mp_dr_reduce */
-void mp_dr_setup(mp_int *a, mp_digit *d);
-
-/* reduces a modulo b using the Diminished Radix method */
-int mp_dr_reduce(mp_int *a, mp_int *b, mp_digit mp);
-
-/* returns true if a can be reduced with mp_reduce_2k */
-int mp_reduce_is_2k(mp_int *a);
-
-/* determines k value for 2k reduction */
-int mp_reduce_2k_setup(mp_int *a, mp_digit *d);
-
-/* reduces a modulo b where b is of the form 2**p - k [0 <= a] */
-int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
-
-/* returns true if a can be reduced with mp_reduce_2k_l */
-int mp_reduce_is_2k_l(mp_int *a);
-
-/* determines k value for 2k reduction */
-int mp_reduce_2k_setup_l(mp_int *a, mp_int *d);
-
-/* reduces a modulo b where b is of the form 2**p - k [0 <= a] */
-int mp_reduce_2k_l(mp_int *a, mp_int *n, mp_int *d);
-
-/* d = a**b (mod c) */
-int mp_exptmod(mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/* ---> Primes <--- */
-
-/* number of primes */
-#ifdef MP_8BIT
-   #define PRIME_SIZE      31
-#else
-   #define PRIME_SIZE      256
-#endif
-
-/* table of first PRIME_SIZE primes */
-extern const mp_digit ltm_prime_tab[];
-
-/* result=1 if a is divisible by one of the first PRIME_SIZE primes */
-int mp_prime_is_divisible(mp_int *a, int *result);
-
-/* performs one Fermat test of "a" using base "b".
- * Sets result to 0 if composite or 1 if probable prime
- */
-int mp_prime_fermat(mp_int *a, mp_int *b, int *result);
-
-/* performs one Miller-Rabin test of "a" using base "b".
- * Sets result to 0 if composite or 1 if probable prime
- */
-int mp_prime_miller_rabin(mp_int *a, mp_int *b, int *result);
-
-/* This gives [for a given bit size] the number of trials required
- * such that Miller-Rabin gives a prob of failure lower than 2^-96 
- */
-int mp_prime_rabin_miller_trials(int size);
-
-/* performs t rounds of Miller-Rabin on "a" using the first
- * t prime bases.  Also performs an initial sieve of trial
- * division.  Determines if "a" is prime with probability
- * of error no more than (1/4)**t.
- *
- * Sets result to 1 if probably prime, 0 otherwise
- */
-int mp_prime_is_prime(mp_int *a, int t, int *result);
-
-/* finds the next prime after the number "a" using "t" trials
- * of Miller-Rabin.
- *
- * bbs_style = 1 means the prime must be congruent to 3 mod 4
- */
-int mp_prime_next_prime(mp_int *a, int t, int bbs_style);
-
-/* makes a truly random prime of a given size (bytes),
- * call with bbs = 1 if you want it to be congruent to 3 mod 4 
- *
- * You have to supply a callback which fills in a buffer with random bytes.  "dat" is a parameter you can
- * have passed to the callback (e.g. a state or something).  This function doesn't use "dat" itself
- * so it can be NULL
- *
- * The prime generated will be larger than 2^(8*size).
- */
-#define mp_prime_random(a, t, size, bbs, cb, dat) mp_prime_random_ex(a, t, ((size) * 8) + 1, (bbs==1)?LTM_PRIME_BBS:0, cb, dat)
-
-/* makes a truly random prime of a given size (bits),
- *
- * Flags are as follows:
- * 
- *   LTM_PRIME_BBS      - make prime congruent to 3 mod 4
- *   LTM_PRIME_SAFE     - make sure (p-1)/2 is prime as well (implies LTM_PRIME_BBS)
- *   LTM_PRIME_2MSB_OFF - make the 2nd highest bit zero
- *   LTM_PRIME_2MSB_ON  - make the 2nd highest bit one
- *
- * You have to supply a callback which fills in a buffer with random bytes.  "dat" is a parameter you can
- * have passed to the callback (e.g. a state or something).  This function doesn't use "dat" itself
- * so it can be NULL
- *
- */
-int mp_prime_random_ex(mp_int *a, int t, int size, int flags, ltm_prime_callback cb, void *dat);
-
-/* ---> radix conversion <--- */
-int mp_count_bits(mp_int *a);
-
-int mp_unsigned_bin_size(mp_int *a);
-int mp_read_unsigned_bin(mp_int *a, const unsigned char *b, int c);
-int mp_to_unsigned_bin(mp_int *a, unsigned char *b);
-int mp_to_unsigned_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen);
-
-int mp_signed_bin_size(mp_int *a);
-int mp_read_signed_bin(mp_int *a, const unsigned char *b, int c);
-int mp_to_signed_bin(mp_int *a,  unsigned char *b);
-int mp_to_signed_bin_n (mp_int * a, unsigned char *b, unsigned long *outlen);
-
-int mp_read_radix(mp_int *a, const char *str, int radix);
-int mp_toradix(mp_int *a, char *str, int radix);
-int mp_toradix_n(mp_int * a, char *str, int radix, int maxlen);
-int mp_radix_size(mp_int *a, int radix, int *size);
-
-int mp_fread(mp_int *a, int radix, FILE *stream);
-int mp_fwrite(mp_int *a, int radix, FILE *stream);
-
-#define mp_read_raw(mp, str, len) mp_read_signed_bin((mp), (str), (len))
-#define mp_raw_size(mp)           mp_signed_bin_size(mp)
-#define mp_toraw(mp, str)         mp_to_signed_bin((mp), (str))
-#define mp_read_mag(mp, str, len) mp_read_unsigned_bin((mp), (str), (len))
-#define mp_mag_size(mp)           mp_unsigned_bin_size(mp)
-#define mp_tomag(mp, str)         mp_to_unsigned_bin((mp), (str))
-
-#define mp_tobinary(M, S)  mp_toradix((M), (S), 2)
-#define mp_tooctal(M, S)   mp_toradix((M), (S), 8)
-#define mp_todecimal(M, S) mp_toradix((M), (S), 10)
-#define mp_tohex(M, S)     mp_toradix((M), (S), 16)
-
-/* lowlevel functions, do not call! */
-int s_mp_add(mp_int *a, mp_int *b, mp_int *c);
-int s_mp_sub(mp_int *a, mp_int *b, mp_int *c);
-#define s_mp_mul(a, b, c) s_mp_mul_digs(a, b, c, (a)->used + (b)->used + 1)
-int fast_s_mp_mul_digs(mp_int *a, mp_int *b, mp_int *c, int digs);
-int s_mp_mul_digs(mp_int *a, mp_int *b, mp_int *c, int digs);
-int fast_s_mp_mul_high_digs(mp_int *a, mp_int *b, mp_int *c, int digs);
-int s_mp_mul_high_digs(mp_int *a, mp_int *b, mp_int *c, int digs);
-int fast_s_mp_sqr(mp_int *a, mp_int *b);
-int s_mp_sqr(mp_int *a, mp_int *b);
-int mp_karatsuba_mul(mp_int *a, mp_int *b, mp_int *c);
-int mp_toom_mul(mp_int *a, mp_int *b, mp_int *c);
-int mp_karatsuba_sqr(mp_int *a, mp_int *b);
-int mp_toom_sqr(mp_int *a, mp_int *b);
-int fast_mp_invmod(mp_int *a, mp_int *b, mp_int *c);
-int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c);
-int fast_mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp);
-int mp_exptmod_fast(mp_int *G, mp_int *X, mp_int *P, mp_int *Y, int mode);
-int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int mode);
-void bn_reverse(unsigned char *s, int len);
-
-extern const char *mp_s_rmap;
-
-#ifdef __cplusplus
-   }
-#endif
-
-#endif
-
-
-/* $Source: /cvs/libtom/libtomcrypt/src/headers/ltc_tommath.h,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt.h b/libtomcrypt/src/headers/tomcrypt.h
index 4804194..15ccd04 100644
--- a/libtomcrypt/src/headers/tomcrypt.h
+++ b/libtomcrypt/src/headers/tomcrypt.h
@@ -16,8 +16,8 @@ extern "C" {
 #endif
 
 /* version */
-#define CRYPT   0x0105
-#define SCRYPT  "1.05"
+#define CRYPT   0x0116
+#define SCRYPT  "1.16"
 
 /* max size of either a cipher/hash block or symmetric key [largest of the two] */
 #define MAXBLOCKSIZE  128
@@ -60,7 +60,8 @@ enum {
    CRYPT_PK_NOT_FOUND,     /* Key not found in keyring */
    CRYPT_PK_INVALID_SIZE,  /* Invalid size input for PK parameters */
 
-   CRYPT_INVALID_PRIME_SIZE/* Invalid size of prime requested */
+   CRYPT_INVALID_PRIME_SIZE,/* Invalid size of prime requested */
+   CRYPT_PK_INVALID_PADDING /* Invalid padding on input */
 };
 
 #include <tomcrypt_cfg.h>
@@ -70,6 +71,7 @@ enum {
 #include <tomcrypt_mac.h>
 #include <tomcrypt_prng.h>
 #include <tomcrypt_pk.h>
+#include <tomcrypt_math.h>
 #include <tomcrypt_misc.h>
 #include <tomcrypt_argchk.h>
 #include <tomcrypt_pkcs.h>
@@ -82,5 +84,5 @@ enum {
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt.h,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/06/19 18:03:25 $ */
+/* $Revision: 1.20 $ */
+/* $Date: 2006/11/26 01:45:14 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_argchk.h b/libtomcrypt/src/headers/tomcrypt_argchk.h
index ef344ee..cfc93ad 100644
--- a/libtomcrypt/src/headers/tomcrypt_argchk.h
+++ b/libtomcrypt/src/headers/tomcrypt_argchk.h
@@ -7,19 +7,32 @@
 /* this is the default LibTomCrypt macro  */
 void crypt_argchk(char *v, char *s, int d);
 #define LTC_ARGCHK(x) if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); }
+#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
 
 #elif ARGTYPE == 1
 
 /* fatal type of error */
 #define LTC_ARGCHK(x) assert((x))
+#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
 
 #elif ARGTYPE == 2
 
+#define LTC_ARGCHK(x) if (!(x)) { fprintf(stderr, "\nwarning: ARGCHK failed at %s:%d\n", __FILE__, __LINE__); }
+#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
+
+#elif ARGTYPE == 3
+
 #define LTC_ARGCHK(x) 
+#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
+
+#elif ARGTYPE == 4
+
+#define LTC_ARGCHK(x)   if (!(x)) return CRYPT_INVALID_ARG;
+#define LTC_ARGCHKVD(x) if (!(x)) return;
 
 #endif
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_argchk.h,v $ */
-/* $Revision: 1.2 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/08/27 20:50:21 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_cfg.h b/libtomcrypt/src/headers/tomcrypt_cfg.h
index 1d5bc6c..7feae6e 100644
--- a/libtomcrypt/src/headers/tomcrypt_cfg.h
+++ b/libtomcrypt/src/headers/tomcrypt_cfg.h
@@ -7,21 +7,46 @@
 #ifndef TOMCRYPT_CFG_H
 #define TOMCRYPT_CFG_H
 
+#if defined(_WIN32) || defined(_MSC_VER)
+#define LTC_CALL __cdecl
+#else
+#ifndef LTC_CALL
+   #define LTC_CALL
+#endif
+#endif
+
+#ifndef LTC_EXPORT
+#define LTC_EXPORT
+#endif
+
+/* certain platforms use macros for these, making the prototypes broken */
+#ifndef LTC_NO_PROTOTYPES
+
 /* you can change how memory allocation works ... */
-void *XMALLOC(size_t n);
-void *XREALLOC(void *p, size_t n);
-void *XCALLOC(size_t n, size_t s);
-void XFREE(void *p);
+LTC_EXPORT void * LTC_CALL XMALLOC(size_t n);
+LTC_EXPORT void * LTC_CALL XREALLOC(void *p, size_t n);
+LTC_EXPORT void * LTC_CALL XCALLOC(size_t n, size_t s);
+LTC_EXPORT void LTC_CALL XFREE(void *p);
+
+LTC_EXPORT void LTC_CALL XQSORT(void *base, size_t nmemb, size_t size, int(*compar)(const void *, const void *));
+
 
 /* change the clock function too */
- clock_t XCLOCK(void);
+LTC_EXPORT clock_t LTC_CALL XCLOCK(void);
 
 /* various other functions */
-void *XMEMCPY(void *dest, const void *src, size_t n);
-int   XMEMCMP(const void *s1, const void *s2, size_t n);
+LTC_EXPORT void * LTC_CALL XMEMCPY(void *dest, const void *src, size_t n);
+LTC_EXPORT int   LTC_CALL XMEMCMP(const void *s1, const void *s2, size_t n);
+LTC_EXPORT void * LTC_CALL XMEMSET(void *s, int c, size_t n);
+
+LTC_EXPORT int   LTC_CALL XSTRCMP(const char *s1, const char *s2);
 
-/* type of argument checking, 0=default, 1=fatal and 2=none */
-#define ARGTYPE  0
+#endif
+
+/* type of argument checking, 0=default, 1=fatal and 2=error+continue, 3=nothing */
+#ifndef ARGTYPE
+   #define ARGTYPE  0
+#endif
 
 /* Controls endianess and size of registers.  Leave uncommented to get platform neutral [slower] code 
  * 
@@ -31,7 +56,7 @@ int   XMEMCMP(const void *s1, const void *s2, size_t n);
  */
 
 /* detect x86-32 machines somewhat */
-#if defined(INTEL_CC) || (defined(_MSC_VER) && defined(WIN32)) || (defined(__GNUC__) && (defined(__DJGPP__) || defined(__CYGWIN__) || defined(__MINGW32__) || defined(__i386__)))
+#if !defined(__STRICT_ANSI__) && (defined(INTEL_CC) || (defined(_MSC_VER) && defined(WIN32)) || (defined(__GNUC__) && (defined(__DJGPP__) || defined(__CYGWIN__) || defined(__MINGW32__) || defined(__i386__))))
    #define ENDIAN_LITTLE
    #define ENDIAN_32BITWORD
    #define LTC_FAST
@@ -45,13 +70,32 @@ int   XMEMCMP(const void *s1, const void *s2, size_t n);
 #endif
 
 /* detect amd64 */
-#if defined(__x86_64__)
+#if !defined(__STRICT_ANSI__) && defined(__x86_64__)
    #define ENDIAN_LITTLE
    #define ENDIAN_64BITWORD
    #define LTC_FAST
    #define LTC_FAST_TYPE    unsigned long
 #endif
 
+/* detect PPC32 */
+#if !defined(__STRICT_ANSI__) && defined(LTC_PPC32)
+   #define ENDIAN_BIG
+   #define ENDIAN_32BITWORD
+   #define LTC_FAST
+   #define LTC_FAST_TYPE    unsigned long
+#endif   
+
+/* detect sparc and sparc64 */
+#if defined(__sparc__)
+  #define ENDIAN_BIG
+  #if defined(__arch64__)
+    #define ENDIAN_64BITWORD
+  #else
+    #define ENDIAN_32BITWORD
+  #endif
+#endif
+
+
 #ifdef LTC_NO_FAST
    #ifdef LTC_FAST
       #undef LTC_FAST
@@ -77,36 +121,16 @@ int   XMEMCMP(const void *s1, const void *s2, size_t n);
 /* #define ENDIAN_64BITWORD */
 
 #if (defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) && !(defined(ENDIAN_32BITWORD) || defined(ENDIAN_64BITWORD))
-    #error You must specify a word size as well as endianess in mycrypt_cfg.h
+    #error You must specify a word size as well as endianess in tomcrypt_cfg.h
 #endif
 
 #if !(defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE))
    #define ENDIAN_NEUTRAL
 #endif
 
-/* packet code */
-#if defined(MRSA) || defined(MDH) || defined(MECC)
-    #define PACKET
-
-    /* size of a packet header in bytes */
-    #define PACKET_SIZE            4
-
-    /* Section tags */
-    #define PACKET_SECT_RSA        0
-    #define PACKET_SECT_DH         1
-    #define PACKET_SECT_ECC        2
-    #define PACKET_SECT_DSA        3
-
-    /* Subsection Tags for the first three sections */
-    #define PACKET_SUB_KEY         0
-    #define PACKET_SUB_ENCRYPTED   1
-    #define PACKET_SUB_SIGNED      2
-    #define PACKET_SUB_ENC_KEY     3
-#endif
-
 #endif
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_cfg.h,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.19 $ */
+/* $Date: 2006/12/04 02:19:48 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_cipher.h b/libtomcrypt/src/headers/tomcrypt_cipher.h
index 4f00302..62a26c7 100644
--- a/libtomcrypt/src/headers/tomcrypt_cipher.h
+++ b/libtomcrypt/src/headers/tomcrypt_cipher.h
@@ -37,6 +37,20 @@ struct rijndael_key {
 };
 #endif
 
+#ifdef KSEED
+struct kseed_key {
+    ulong32 K[32], dK[32];
+};
+#endif
+
+#ifdef LTC_KASUMI
+struct kasumi_key {
+    ulong32 KLi1[8], KLi2[8],
+            KOi1[8], KOi2[8], KOi3[8],
+            KIi1[8], KIi2[8], KIi3[8];
+};
+#endif
+
 #ifdef XTEA
 struct xtea_key {
    unsigned long A[32], B[32];
@@ -164,10 +178,17 @@ typedef union Symmetric_key {
 #ifdef ANUBIS
    struct anubis_key   anubis;
 #endif
+#ifdef KSEED
+   struct kseed_key    kseed;
+#endif
+#ifdef LTC_KASUMI
+   struct kasumi_key   kasumi;
+#endif  
    void   *data;
 } symmetric_key;
 
-/* A block cipher ECB structure */
+#ifdef LTC_ECB_MODE
+/** A block cipher ECB structure */
 typedef struct {
    /** The index of the cipher chosen */
    int                 cipher, 
@@ -176,8 +197,10 @@ typedef struct {
    /** The scheduled key */                       
    symmetric_key       key;
 } symmetric_ECB;
+#endif
 
-/* A block cipher CFB structure */
+#ifdef LTC_CFB_MODE
+/** A block cipher CFB structure */
 typedef struct {
    /** The index of the cipher chosen */
    int                 cipher, 
@@ -192,8 +215,10 @@ typedef struct {
    /** The scheduled key */
    symmetric_key       key;
 } symmetric_CFB;
+#endif
 
-/* A block cipher OFB structure */
+#ifdef LTC_OFB_MODE
+/** A block cipher OFB structure */
 typedef struct {
    /** The index of the cipher chosen */
    int                 cipher, 
@@ -206,8 +231,10 @@ typedef struct {
    /** The scheduled key */
    symmetric_key       key;
 } symmetric_OFB;
+#endif
 
-/* A block cipher CBC structure */
+#ifdef LTC_CBC_MODE
+/** A block cipher CBC structure */
 typedef struct {
    /** The index of the cipher chosen */
    int                 cipher, 
@@ -218,8 +245,11 @@ typedef struct {
    /** The scheduled key */
    symmetric_key       key;
 } symmetric_CBC;
+#endif
+
 
-/* A block cipher CTR structure */
+#ifdef LTC_CTR_MODE
+/** A block cipher CTR structure */
 typedef struct {
    /** The index of the cipher chosen */
    int                 cipher,
@@ -236,8 +266,55 @@ typedef struct {
    /** The scheduled key */
    symmetric_key       key;
 } symmetric_CTR;
+#endif
+
+
+#ifdef LTC_LRW_MODE
+/** A LRW structure */
+typedef struct {
+    /** The index of the cipher chosen (must be a 128-bit block cipher) */
+    int               cipher;
+
+    /** The current IV */
+    unsigned char     IV[16],
+ 
+    /** the tweak key */
+                      tweak[16],
+
+    /** The current pad, it's the product of the first 15 bytes against the tweak key */
+                      pad[16];
+
+    /** The scheduled symmetric key */
+    symmetric_key     key;
 
-/* cipher descriptor table, last entry has "name == NULL" to mark the end of table */
+#ifdef LRW_TABLES
+    /** The pre-computed multiplication table */
+    unsigned char     PC[16][256][16];
+#endif
+} symmetric_LRW;
+#endif
+
+#ifdef LTC_F8_MODE
+/** A block cipher F8 structure */
+typedef struct {
+   /** The index of the cipher chosen */
+   int                 cipher, 
+   /** The block size of the given cipher */                        
+                       blocklen, 
+   /** The padding offset */
+                       padlen;
+   /** The current IV */
+   unsigned char       IV[MAXBLOCKSIZE],
+                       MIV[MAXBLOCKSIZE];
+   /** Current block count */
+   ulong32             blockcnt;
+   /** The scheduled key */
+   symmetric_key       key;
+} symmetric_F8;
+#endif
+
+
+/** cipher descriptor table, last entry has "name == NULL" to mark the end of table */
 extern struct ltc_cipher_descriptor {
    /** name of cipher */
    char *name;
@@ -263,14 +340,16 @@ extern struct ltc_cipher_descriptor {
       @param pt      The plaintext
       @param ct      [out] The ciphertext
       @param skey    The scheduled key
+      @return CRYPT_OK if successful
    */
-   void (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+   int (*ecb_encrypt)(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
    /** Decrypt a block
       @param ct      The ciphertext
       @param pt      [out] The plaintext
       @param skey    The scheduled key
+      @return CRYPT_OK if successful
    */
-   void (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+   int (*ecb_decrypt)(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
    /** Test the block cipher
        @return CRYPT_OK if successful, CRYPT_NOP if self-testing has been disabled
    */
@@ -293,16 +372,18 @@ extern struct ltc_cipher_descriptor {
        @param ct      Ciphertext
        @param blocks  The number of complete blocks to process
        @param skey    The scheduled key context
+       @return CRYPT_OK if successful
    */
-   void (*accel_ecb_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, symmetric_key *skey);
+   int (*accel_ecb_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, symmetric_key *skey);
 
    /** Accelerated ECB decryption 
        @param pt      Plaintext
        @param ct      Ciphertext
        @param blocks  The number of complete blocks to process
        @param skey    The scheduled key context
+       @return CRYPT_OK if successful
    */
-   void (*accel_ecb_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, symmetric_key *skey);
+   int (*accel_ecb_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, symmetric_key *skey);
 
    /** Accelerated CBC encryption 
        @param pt      Plaintext
@@ -310,8 +391,9 @@ extern struct ltc_cipher_descriptor {
        @param blocks  The number of complete blocks to process
        @param IV      The initial value (input/output)
        @param skey    The scheduled key context
+       @return CRYPT_OK if successful
    */
-   void (*accel_cbc_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, symmetric_key *skey);
+   int (*accel_cbc_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, symmetric_key *skey);
 
    /** Accelerated CBC decryption 
        @param pt      Plaintext
@@ -319,8 +401,9 @@ extern struct ltc_cipher_descriptor {
        @param blocks  The number of complete blocks to process
        @param IV      The initial value (input/output)
        @param skey    The scheduled key context
+       @return CRYPT_OK if successful
    */
-   void (*accel_cbc_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, symmetric_key *skey);
+   int (*accel_cbc_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, symmetric_key *skey);
 
    /** Accelerated CTR encryption 
        @param pt      Plaintext
@@ -329,12 +412,36 @@ extern struct ltc_cipher_descriptor {
        @param IV      The initial value (input/output)
        @param mode    little or big endian counter (mode=0 or mode=1)
        @param skey    The scheduled key context
+       @return CRYPT_OK if successful
    */
-   void (*accel_ctr_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, int mode, symmetric_key *skey);
+   int (*accel_ctr_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, int mode, symmetric_key *skey);
+
+   /** Accelerated LRW 
+       @param pt      Plaintext
+       @param ct      Ciphertext
+       @param blocks  The number of complete blocks to process
+       @param IV      The initial value (input/output)
+       @param tweak   The LRW tweak
+       @param skey    The scheduled key context
+       @return CRYPT_OK if successful
+   */
+   int (*accel_lrw_encrypt)(const unsigned char *pt, unsigned char *ct, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey);
+
+   /** Accelerated LRW 
+       @param ct      Ciphertext
+       @param pt      Plaintext
+       @param blocks  The number of complete blocks to process
+       @param IV      The initial value (input/output)
+       @param tweak   The LRW tweak
+       @param skey    The scheduled key context
+       @return CRYPT_OK if successful
+   */
+   int (*accel_lrw_decrypt)(const unsigned char *ct, unsigned char *pt, unsigned long blocks, unsigned char *IV, const unsigned char *tweak, symmetric_key *skey);
 
    /** Accelerated CCM packet (one-shot)
        @param key        The secret key to use
        @param keylen     The length of the secret key (octets)
+       @param uskey      A previously scheduled key [optional can be NULL]
        @param nonce      The session nonce [use once]
        @param noncelen   The length of the nonce
        @param header     The header for the session
@@ -347,8 +454,9 @@ extern struct ltc_cipher_descriptor {
        @param direction  Encrypt or Decrypt direction (0 or 1)
        @return CRYPT_OK if successful
    */
-   void (*accel_ccm_memory)(
+   int (*accel_ccm_memory)(
        const unsigned char *key,    unsigned long keylen,
+       symmetric_key       *uskey,
        const unsigned char *nonce,  unsigned long noncelen,
        const unsigned char *header, unsigned long headerlen,
              unsigned char *pt,     unsigned long ptlen,
@@ -357,20 +465,21 @@ extern struct ltc_cipher_descriptor {
                        int  direction);
 
    /** Accelerated GCM packet (one shot)
-       @param key               The secret key
-       @param keylen            The length of the secret key
-       @param IV                The initial vector 
-       @param IVlen             The length of the initial vector
-       @param adata             The additional authentication data (header)
-       @param adatalen          The length of the adata
-       @param pt                The plaintext
-       @param ptlen             The length of the plaintext (ciphertext length is the same)
-       @param ct                The ciphertext
-       @param tag               [out] The MAC tag
-       @param taglen            [in/out] The MAC tag length
-       @param direction         Encrypt or Decrypt mode (GCM_ENCRYPT or GCM_DECRYPT)
+       @param key        The secret key
+       @param keylen     The length of the secret key
+       @param IV         The initial vector 
+       @param IVlen      The length of the initial vector
+       @param adata      The additional authentication data (header)
+       @param adatalen   The length of the adata
+       @param pt         The plaintext
+       @param ptlen      The length of the plaintext (ciphertext length is the same)
+       @param ct         The ciphertext
+       @param tag        [out] The MAC tag
+       @param taglen     [in/out] The MAC tag length
+       @param direction  Encrypt or Decrypt mode (GCM_ENCRYPT or GCM_DECRYPT)
+       @return CRYPT_OK on success
    */
-   void (*accel_gcm_memory)(
+   int (*accel_gcm_memory)(
        const unsigned char *key,    unsigned long keylen,
        const unsigned char *IV,     unsigned long IVlen,
        const unsigned char *adata,  unsigned long adatalen,
@@ -378,12 +487,55 @@ extern struct ltc_cipher_descriptor {
              unsigned char *ct, 
              unsigned char *tag,    unsigned long *taglen,
                        int direction);
+
+   /** Accelerated one shot OMAC 
+       @param key            The secret key
+       @param keylen         The key length (octets) 
+       @param in             The message 
+       @param inlen          Length of message (octets)
+       @param out            [out] Destination for tag
+       @param outlen         [in/out] Initial and final size of out
+       @return CRYPT_OK on success
+   */
+   int (*omac_memory)(
+       const unsigned char *key, unsigned long keylen,
+       const unsigned char *in,  unsigned long inlen,
+             unsigned char *out, unsigned long *outlen);
+
+   /** Accelerated one shot XCBC 
+       @param key            The secret key
+       @param keylen         The key length (octets) 
+       @param in             The message 
+       @param inlen          Length of message (octets)
+       @param out            [out] Destination for tag
+       @param outlen         [in/out] Initial and final size of out
+       @return CRYPT_OK on success
+   */
+   int (*xcbc_memory)(
+       const unsigned char *key, unsigned long keylen,
+       const unsigned char *in,  unsigned long inlen,
+             unsigned char *out, unsigned long *outlen);
+
+   /** Accelerated one shot F9 
+       @param key            The secret key
+       @param keylen         The key length (octets) 
+       @param in             The message 
+       @param inlen          Length of message (octets)
+       @param out            [out] Destination for tag
+       @param outlen         [in/out] Initial and final size of out
+       @return CRYPT_OK on success
+       @remark Requires manual padding
+   */
+   int (*f9_memory)(
+       const unsigned char *key, unsigned long keylen,
+       const unsigned char *in,  unsigned long inlen,
+             unsigned char *out, unsigned long *outlen);
 } cipher_descriptor[];
 
 #ifdef BLOWFISH
 int blowfish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int blowfish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int blowfish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int blowfish_test(void);
 void blowfish_done(symmetric_key *skey);
 int blowfish_keysize(int *keysize);
@@ -392,8 +544,8 @@ extern const struct ltc_cipher_descriptor blowfish_desc;
 
 #ifdef RC5
 int rc5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int rc5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int rc5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int rc5_test(void);
 void rc5_done(symmetric_key *skey);
 int rc5_keysize(int *keysize);
@@ -402,8 +554,8 @@ extern const struct ltc_cipher_descriptor rc5_desc;
 
 #ifdef RC6
 int rc6_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int rc6_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int rc6_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int rc6_test(void);
 void rc6_done(symmetric_key *skey);
 int rc6_keysize(int *keysize);
@@ -412,8 +564,8 @@ extern const struct ltc_cipher_descriptor rc6_desc;
 
 #ifdef RC2
 int rc2_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int rc2_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int rc2_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int rc2_test(void);
 void rc2_done(symmetric_key *skey);
 int rc2_keysize(int *keysize);
@@ -422,8 +574,8 @@ extern const struct ltc_cipher_descriptor rc2_desc;
 
 #ifdef SAFERP
 int saferp_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int saferp_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int saferp_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int saferp_test(void);
 void saferp_done(symmetric_key *skey);
 int saferp_keysize(int *keysize);
@@ -435,8 +587,8 @@ int safer_k64_setup(const unsigned char *key, int keylen, int num_rounds, symmet
 int safer_sk64_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
 int safer_k128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
 int safer_sk128_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
-void safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
+int safer_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *key);
+int safer_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *key);
 int safer_k64_test(void);
 int safer_sk64_test(void);
 int safer_sk128_test(void);
@@ -461,13 +613,13 @@ extern const struct ltc_cipher_descriptor safer_k64_desc, safer_k128_desc, safer
 #define aes_enc_keysize         rijndael_enc_keysize
 
 int rijndael_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int rijndael_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int rijndael_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int rijndael_test(void);
 void rijndael_done(symmetric_key *skey);
 int rijndael_keysize(int *keysize);
 int rijndael_enc_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int rijndael_enc_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
 void rijndael_enc_done(symmetric_key *skey);
 int rijndael_enc_keysize(int *keysize);
 extern const struct ltc_cipher_descriptor rijndael_desc, aes_desc;
@@ -476,8 +628,8 @@ extern const struct ltc_cipher_descriptor rijndael_enc_desc, aes_enc_desc;
 
 #ifdef XTEA
 int xtea_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int xtea_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int xtea_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int xtea_test(void);
 void xtea_done(symmetric_key *skey);
 int xtea_keysize(int *keysize);
@@ -486,8 +638,8 @@ extern const struct ltc_cipher_descriptor xtea_desc;
 
 #ifdef TWOFISH
 int twofish_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int twofish_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int twofish_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int twofish_test(void);
 void twofish_done(symmetric_key *skey);
 int twofish_keysize(int *keysize);
@@ -496,14 +648,14 @@ extern const struct ltc_cipher_descriptor twofish_desc;
 
 #ifdef DES
 int des_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int des_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int des_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int des_test(void);
 void des_done(symmetric_key *skey);
 int des_keysize(int *keysize);
 int des3_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int des3_test(void);
 void des3_done(symmetric_key *skey);
 int des3_keysize(int *keysize);
@@ -512,8 +664,8 @@ extern const struct ltc_cipher_descriptor des_desc, des3_desc;
 
 #ifdef CAST5
 int cast5_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int cast5_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int cast5_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int cast5_test(void);
 void cast5_done(symmetric_key *skey);
 int cast5_keysize(int *keysize);
@@ -522,8 +674,8 @@ extern const struct ltc_cipher_descriptor cast5_desc;
 
 #ifdef NOEKEON
 int noekeon_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int noekeon_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int noekeon_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int noekeon_test(void);
 void noekeon_done(symmetric_key *skey);
 int noekeon_keysize(int *keysize);
@@ -532,8 +684,8 @@ extern const struct ltc_cipher_descriptor noekeon_desc;
 
 #ifdef SKIPJACK
 int skipjack_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int skipjack_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int skipjack_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int skipjack_test(void);
 void skipjack_done(symmetric_key *skey);
 int skipjack_keysize(int *keysize);
@@ -542,8 +694,8 @@ extern const struct ltc_cipher_descriptor skipjack_desc;
 
 #ifdef KHAZAD
 int khazad_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int khazad_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int khazad_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int khazad_test(void);
 void khazad_done(symmetric_key *skey);
 int khazad_keysize(int *keysize);
@@ -552,15 +704,35 @@ extern const struct ltc_cipher_descriptor khazad_desc;
 
 #ifdef ANUBIS
 int anubis_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
-void anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
-void anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int anubis_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int anubis_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
 int anubis_test(void);
 void anubis_done(symmetric_key *skey);
 int anubis_keysize(int *keysize);
 extern const struct ltc_cipher_descriptor anubis_desc;
 #endif
 
-#ifdef ECB
+#ifdef KSEED
+int kseed_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
+int kseed_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int kseed_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int kseed_test(void);
+void kseed_done(symmetric_key *skey);
+int kseed_keysize(int *keysize);
+extern const struct ltc_cipher_descriptor kseed_desc;
+#endif
+
+#ifdef LTC_KASUMI
+int kasumi_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
+int kasumi_ecb_encrypt(const unsigned char *pt, unsigned char *ct, symmetric_key *skey);
+int kasumi_ecb_decrypt(const unsigned char *ct, unsigned char *pt, symmetric_key *skey);
+int kasumi_test(void);
+void kasumi_done(symmetric_key *skey);
+int kasumi_keysize(int *keysize);
+extern const struct ltc_cipher_descriptor kasumi_desc;
+#endif
+
+#ifdef LTC_ECB_MODE
 int ecb_start(int cipher, const unsigned char *key, 
               int keylen, int num_rounds, symmetric_ECB *ecb);
 int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_ECB *ecb);
@@ -568,7 +740,7 @@ int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 int ecb_done(symmetric_ECB *ecb);
 #endif
 
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key, 
               int keylen, int num_rounds, symmetric_CFB *cfb);
 int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CFB *cfb);
@@ -578,7 +750,7 @@ int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb);
 int cfb_done(symmetric_CFB *cfb);
 #endif
 
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key, 
               int keylen, int num_rounds, symmetric_OFB *ofb);
 int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_OFB *ofb);
@@ -588,7 +760,7 @@ int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb);
 int ofb_done(symmetric_OFB *ofb);
 #endif
 
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key,
                int keylen, int num_rounds, symmetric_CBC *cbc);
 int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_CBC *cbc);
@@ -598,10 +770,11 @@ int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc);
 int cbc_done(symmetric_CBC *cbc);
 #endif
 
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 
 #define CTR_COUNTER_LITTLE_ENDIAN    0
 #define CTR_COUNTER_BIG_ENDIAN       1
+#define LTC_CTR_RFC3686              2
 
 int ctr_start(               int   cipher,
               const unsigned char *IV,
@@ -613,8 +786,45 @@ int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr);
 int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr);
 int ctr_done(symmetric_CTR *ctr);
+int ctr_test(void);
 #endif
-    
+
+#ifdef LTC_LRW_MODE
+
+#define LRW_ENCRYPT 0
+#define LRW_DECRYPT 1
+
+int lrw_start(               int   cipher,
+              const unsigned char *IV,
+              const unsigned char *key,       int keylen,
+              const unsigned char *tweak,
+                             int  num_rounds, 
+                   symmetric_LRW *lrw);
+int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw);
+int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw);
+int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw);
+int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw);
+int lrw_done(symmetric_LRW *lrw);
+int lrw_test(void);
+
+/* don't call */
+int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, int mode, symmetric_LRW *lrw);
+#endif    
+
+#ifdef LTC_F8_MODE
+int f8_start(                int  cipher, const unsigned char *IV, 
+             const unsigned char *key,                    int  keylen, 
+             const unsigned char *salt_key,               int  skeylen,
+                             int  num_rounds,   symmetric_F8  *f8);
+int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8);
+int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8);
+int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8);
+int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8);
+int f8_done(symmetric_F8 *f8);
+int f8_test_mode(void);
+#endif
+
+
 int find_cipher(const char *name);
 int find_cipher_any(const char *name, int blocklen, int keylen);
 int find_cipher_id(unsigned char ID);
@@ -622,8 +832,8 @@ int register_cipher(const struct ltc_cipher_descriptor *cipher);
 int unregister_cipher(const struct ltc_cipher_descriptor *cipher);
 int cipher_is_valid(int idx);
 
-LTC_MUTEX_PROTO(ltc_cipher_mutex);
+LTC_MUTEX_PROTO(ltc_cipher_mutex)
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_cipher.h,v $ */
-/* $Revision: 1.16 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.46 $ */
+/* $Date: 2006/11/13 23:09:38 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_custom.h b/libtomcrypt/src/headers/tomcrypt_custom.h
index ad61f52..540514e 100644
--- a/libtomcrypt/src/headers/tomcrypt_custom.h
+++ b/libtomcrypt/src/headers/tomcrypt_custom.h
@@ -5,21 +5,68 @@
 #include "options.h"
 
 /* macros for various libc functions you can change for embedded targets */
+#ifndef XMALLOC
+   #ifdef malloc 
+   #define LTC_NO_PROTOTYPES
+   #endif
 #define XMALLOC  malloc
+#endif
+#ifndef XREALLOC
+   #ifdef realloc 
+   #define LTC_NO_PROTOTYPES
+   #endif
 #define XREALLOC realloc
+#endif
+#ifndef XCALLOC
+   #ifdef calloc 
+   #define LTC_NO_PROTOTYPES
+   #endif
 #define XCALLOC  calloc
+#endif
+#ifndef XFREE
+   #ifdef free
+   #define LTC_NO_PROTOTYPES
+   #endif
 #define XFREE    free
+#endif
 
+#ifndef XMEMSET
+   #ifdef memset
+   #define LTC_NO_PROTOTYPES
+   #endif
 #define XMEMSET  memset
+#endif
+#ifndef XMEMCPY
+   #ifdef memcpy
+   #define LTC_NO_PROTOTYPES
+   #endif
 #define XMEMCPY  memcpy
+#endif
+#ifndef XMEMCMP
+   #ifdef memcmp 
+   #define LTC_NO_PROTOTYPES
+   #endif
+#define XMEMCMP  memcmp
+#endif
+#ifndef XSTRCMP
+   #ifdef strcmp
+   #define LTC_NO_PROTOTYPES
+   #endif
+#define XSTRCMP strcmp
+#endif
 
+#ifndef XCLOCK
 #define XCLOCK   clock
+#endif
+#ifndef XCLOCKS_PER_SEC
 #define XCLOCKS_PER_SEC CLOCKS_PER_SEC
+#endif
 
+   #define LTC_NO_PRNGS
+   #define LTC_NO_PK
 #ifdef DROPBEAR_SMALL_CODE
 #define LTC_SMALL_CODE
 #endif
-
 /* These spit out warnings etc */
 #define LTC_NO_ROLC
 
@@ -84,13 +131,23 @@
 /* default no functions */
 #define LTC_MUTEX_GLOBAL(x)
 #define LTC_MUTEX_PROTO(x)
+#define LTC_MUTEX_TYPE(x)
+#define LTC_MUTEX_INIT(x)
 #define LTC_MUTEX_LOCK(x)
 #define LTC_MUTEX_UNLOCK(x)
 #define FORTUNA_POOLS 0
 
 #endif
 
+/* Debuggers */
+
+/* define this if you use Valgrind, note: it CHANGES the way SOBER-128 and RC4 work (see the code) */
+/* #define LTC_VALGRIND */
+
+#endif
+
+
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_custom.h,v $ */
-/* $Revision: 1.17 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.66 $ */
+/* $Date: 2006/12/04 02:50:11 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_hash.h b/libtomcrypt/src/headers/tomcrypt_hash.h
index a0534f9..d9916ac 100644
--- a/libtomcrypt/src/headers/tomcrypt_hash.h
+++ b/libtomcrypt/src/headers/tomcrypt_hash.h
@@ -70,6 +70,22 @@ struct rmd160_state {
 };
 #endif
 
+#ifdef RIPEMD256
+struct rmd256_state {
+    ulong64 length;
+    unsigned char buf[64];
+    ulong32 curlen, state[8];
+};
+#endif
+
+#ifdef RIPEMD320
+struct rmd320_state {
+    ulong64 length;
+    unsigned char buf[64];
+    ulong32 curlen, state[10];
+};
+#endif
+
 #ifdef WHIRLPOOL
 struct whirlpool_state {
     ulong64 length, state[8];
@@ -87,6 +103,7 @@ struct chc_state {
 #endif
 
 typedef union Hash_state {
+    char dummy[1];
 #ifdef CHC_HASH
     struct chc_state chc;
 #endif
@@ -120,9 +137,16 @@ typedef union Hash_state {
 #ifdef RIPEMD160
     struct rmd160_state rmd160;
 #endif
+#ifdef RIPEMD256
+    struct rmd256_state rmd256;
+#endif
+#ifdef RIPEMD320
+    struct rmd320_state rmd320;
+#endif
     void *data;
 } hash_state;
 
+/** hash descriptor */
 extern  struct ltc_hash_descriptor {
     /** name of hash */
     char *name;
@@ -159,6 +183,12 @@ extern  struct ltc_hash_descriptor {
       @return CRYPT_OK if successful, CRYPT_NOP if self-tests have been disabled
     */
     int (*test)(void);
+
+    /* accelerated hmac callback: if you need to-do multiple packets just use the generic hmac_memory and provide a hash callback */
+    int  (*hmac_block)(const unsigned char *key, unsigned long  keylen,
+                       const unsigned char *in,  unsigned long  inlen, 
+                             unsigned char *out, unsigned long *outlen);
+
 } hash_descriptor[];
 
 #ifdef CHC_HASH
@@ -272,14 +302,32 @@ int rmd160_test(void);
 extern const struct ltc_hash_descriptor rmd160_desc;
 #endif
 
+#ifdef RIPEMD256
+int rmd256_init(hash_state * md);
+int rmd256_process(hash_state * md, const unsigned char *in, unsigned long inlen);
+int rmd256_done(hash_state * md, unsigned char *hash);
+int rmd256_test(void);
+extern const struct ltc_hash_descriptor rmd256_desc;
+#endif
+
+#ifdef RIPEMD320
+int rmd320_init(hash_state * md);
+int rmd320_process(hash_state * md, const unsigned char *in, unsigned long inlen);
+int rmd320_done(hash_state * md, unsigned char *hash);
+int rmd320_test(void);
+extern const struct ltc_hash_descriptor rmd320_desc;
+#endif
+
+
 int find_hash(const char *name);
 int find_hash_id(unsigned char ID);
+int find_hash_oid(const unsigned long *ID, unsigned long IDlen);
 int find_hash_any(const char *name, int digestlen);
 int register_hash(const struct ltc_hash_descriptor *hash);
 int unregister_hash(const struct ltc_hash_descriptor *hash);
 int hash_is_valid(int idx);
 
-LTC_MUTEX_PROTO(ltc_hash_mutex);
+LTC_MUTEX_PROTO(ltc_hash_mutex)
 
 int hash_memory(int hash, 
                 const unsigned char *in,  unsigned long inlen, 
@@ -327,5 +375,5 @@ int func_name (hash_state * md, const unsigned char *in, unsigned long inlen)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_hash.h,v $ */
-/* $Revision: 1.12 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.19 $ */
+/* $Date: 2006/11/05 01:36:43 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_mac.h b/libtomcrypt/src/headers/tomcrypt_mac.h
index 411b1bc..42bf680 100644
--- a/libtomcrypt/src/headers/tomcrypt_mac.h
+++ b/libtomcrypt/src/headers/tomcrypt_mac.h
@@ -1,4 +1,4 @@
-#ifdef HMAC
+#ifdef LTC_HMAC
 typedef struct Hmac_state {
      hash_state     md;
      int            hash;
@@ -23,7 +23,7 @@ int hmac_file(int hash, const char *fname, const unsigned char *key,
               unsigned char *dst, unsigned long *dstlen);
 #endif
 
-#ifdef OMAC
+#ifdef LTC_OMAC
 
 typedef struct {
    int             cipher_idx, 
@@ -53,7 +53,7 @@ int omac_file(int cipher,
 int omac_test(void);
 #endif /* OMAC */
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 typedef struct {
    unsigned char     Ls[32][MAXBLOCKSIZE],    /* L shifted by i bits to the left */
@@ -98,7 +98,7 @@ void pmac_shift_xor(pmac_state *pmac);
 
 #ifdef EAX_MODE
 
-#if !(defined(OMAC) && defined(CTR))
+#if !(defined(LTC_OMAC) && defined(LTC_CTR_MODE))
    #error EAX_MODE requires OMAC and CTR
 #endif
 
@@ -200,6 +200,7 @@ int s_ocb_done(ocb_state *ocb, const unsigned char *pt, unsigned long ptlen,
 
 int ccm_memory(int cipher,
     const unsigned char *key,    unsigned long keylen,
+    symmetric_key       *uskey,
     const unsigned char *nonce,  unsigned long noncelen,
     const unsigned char *header, unsigned long headerlen,
           unsigned char *pt,     unsigned long ptlen,
@@ -211,6 +212,16 @@ int ccm_test(void);
 
 #endif /* CCM_MODE */
 
+#if defined(LRW_MODE) || defined(GCM_MODE)
+void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *c);
+#endif
+
+
+/* table shared between GCM and LRW */
+#if defined(GCM_TABLES) || defined(LRW_TABLES) || ((defined(GCM_MODE) || defined(GCM_MODE)) && defined(LTC_FAST))
+extern const unsigned char gcm_shift_table[];
+#endif
+
 #ifdef GCM_MODE
 
 #define GCM_ENCRYPT 0
@@ -237,12 +248,14 @@ typedef struct {
                        pttotlen;     /* 64-bit counter for the PT */
 
 #ifdef GCM_TABLES
-   unsigned char       PC[16][256][16];  /* 16 tables of 8x128 */
+   unsigned char       PC[16][256][16]  /* 16 tables of 8x128 */
+#ifdef GCM_TABLES_SSE2
+__attribute__ ((aligned (16)))
+#endif
+;
 #endif  
-
 } gcm_state;
 
-void gcm_gf_mult(const unsigned char *a, const unsigned char *b, unsigned char *c);
 void gcm_mult_h(gcm_state *gcm, unsigned char *I);
 
 int gcm_init(gcm_state *gcm, int cipher,
@@ -296,6 +309,73 @@ int pelican_memory(const unsigned char *key, unsigned long keylen,
 
 #endif
 
+#ifdef LTC_XCBC
+
+typedef struct {
+   unsigned char K[3][MAXBLOCKSIZE],
+                 IV[MAXBLOCKSIZE];
+
+   symmetric_key key;
+
+             int cipher,
+                 buflen,
+                 blocksize;
+} xcbc_state;
+
+int xcbc_init(xcbc_state *xcbc, int cipher, const unsigned char *key, unsigned long keylen);
+int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen);
+int xcbc_done(xcbc_state *xcbc, unsigned char *out, unsigned long *outlen);
+int xcbc_memory(int cipher, 
+               const unsigned char *key, unsigned long keylen,
+               const unsigned char *in,  unsigned long inlen,
+                     unsigned char *out, unsigned long *outlen);
+int xcbc_memory_multi(int cipher, 
+                const unsigned char *key, unsigned long keylen,
+                      unsigned char *out, unsigned long *outlen,
+                const unsigned char *in,  unsigned long inlen, ...);
+int xcbc_file(int cipher, 
+              const unsigned char *key, unsigned long keylen,
+              const          char *filename, 
+                    unsigned char *out, unsigned long *outlen);
+int xcbc_test(void);
+
+#endif
+
+#ifdef LTC_F9_MODE
+
+typedef struct {
+   unsigned char akey[MAXBLOCKSIZE],
+                 ACC[MAXBLOCKSIZE],
+                 IV[MAXBLOCKSIZE];
+
+   symmetric_key key;
+
+             int cipher,
+                 buflen,
+                 keylen,
+                 blocksize;
+} f9_state;
+
+int f9_init(f9_state *f9, int cipher, const unsigned char *key, unsigned long keylen);
+int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen);
+int f9_done(f9_state *f9, unsigned char *out, unsigned long *outlen);
+int f9_memory(int cipher, 
+               const unsigned char *key, unsigned long keylen,
+               const unsigned char *in,  unsigned long inlen,
+                     unsigned char *out, unsigned long *outlen);
+int f9_memory_multi(int cipher, 
+                const unsigned char *key, unsigned long keylen,
+                      unsigned char *out, unsigned long *outlen,
+                const unsigned char *in,  unsigned long inlen, ...);
+int f9_file(int cipher, 
+              const unsigned char *key, unsigned long keylen,
+              const          char *filename, 
+                    unsigned char *out, unsigned long *outlen);
+int f9_test(void);
+
+#endif
+
+
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_mac.h,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.20 $ */
+/* $Date: 2006/11/08 21:57:04 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_macros.h b/libtomcrypt/src/headers/tomcrypt_macros.h
index 488931f..53bda9b 100644
--- a/libtomcrypt/src/headers/tomcrypt_macros.h
+++ b/libtomcrypt/src/headers/tomcrypt_macros.h
@@ -10,7 +10,7 @@
 /* this is the "32-bit at least" data type 
  * Re-define it to suit your platform but it must be at least 32-bits 
  */
-#if defined(__x86_64__)
+#if defined(__x86_64__) || (defined(__sparc__) && defined(__arch64__))
    typedef unsigned ulong32;
 #else
    typedef unsigned long ulong32;
@@ -72,15 +72,15 @@
 #define STORE32H(x, y)           \
 asm __volatile__ (               \
    "bswapl %0     \n\t"          \
-   "movl   %0,(%2)\n\t"          \
+   "movl   %0,(%1)\n\t"          \
    "bswapl %0     \n\t"          \
-      :"=r"(x):"0"(x), "r"(y));
+      ::"r"(x), "r"(y));
 
 #define LOAD32H(x, y)          \
 asm __volatile__ (             \
-   "movl (%2),%0\n\t"          \
+   "movl (%1),%0\n\t"          \
    "bswapl %0\n\t"             \
-   :"=r"(x): "0"(x), "r"(y));
+   :"=r"(x): "r"(y));
 
 #else
 
@@ -103,15 +103,15 @@ asm __volatile__ (             \
 #define STORE64H(x, y)           \
 asm __volatile__ (               \
    "bswapq %0     \n\t"          \
-   "movq   %0,(%2)\n\t"          \
+   "movq   %0,(%1)\n\t"          \
    "bswapq %0     \n\t"          \
-      :"=r"(x):"0"(x), "r"(y):"0");
+      ::"r"(x), "r"(y));
 
 #define LOAD64H(x, y)          \
 asm __volatile__ (             \
-   "movq (%2),%0\n\t"          \
+   "movq (%1),%0\n\t"          \
    "bswapq %0\n\t"             \
-   :"=r"(x): "0"(x), "r"(y));
+   :"=r"(x): "r"(y));
 
 #else
 
@@ -132,10 +132,10 @@ asm __volatile__ (             \
 #ifdef ENDIAN_32BITWORD 
 
 #define STORE32L(x, y)        \
-     { ulong32  __t = (x); memcpy(y, &__t, 4); }
+     { ulong32  __t = (x); XMEMCPY(y, &__t, 4); }
 
 #define LOAD32L(x, y)         \
-     memcpy(&(x), y, 4);
+     XMEMCPY(&(x), y, 4);
 
 #define STORE64L(x, y)                                                                     \
      { (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255);   \
@@ -152,16 +152,16 @@ asm __volatile__ (             \
 #else /* 64-bit words then  */
 
 #define STORE32L(x, y)        \
-     { ulong32 __t = (x); memcpy(y, &__t, 4); }
+     { ulong32 __t = (x); XMEMCPY(y, &__t, 4); }
 
 #define LOAD32L(x, y)         \
-     { memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
+     { XMEMCPY(&(x), y, 4); x &= 0xFFFFFFFF; }
 
 #define STORE64L(x, y)        \
-     { ulong64 __t = (x); memcpy(y, &__t, 8); }
+     { ulong64 __t = (x); XMEMCPY(y, &__t, 8); }
 
 #define LOAD64L(x, y)         \
-    { memcpy(&(x), y, 8); }
+    { XMEMCPY(&(x), y, 8); }
 
 #endif /* ENDIAN_64BITWORD */
 
@@ -193,10 +193,10 @@ asm __volatile__ (             \
 #ifdef ENDIAN_32BITWORD 
 
 #define STORE32H(x, y)        \
-     { ulong32 __t = (x); memcpy(y, &__t, 4); }
+     { ulong32 __t = (x); XMEMCPY(y, &__t, 4); }
 
 #define LOAD32H(x, y)         \
-     memcpy(&(x), y, 4);
+     XMEMCPY(&(x), y, 4);
 
 #define STORE64H(x, y)                                                                     \
      { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255);   \
@@ -213,16 +213,16 @@ asm __volatile__ (             \
 #else /* 64-bit words then  */
 
 #define STORE32H(x, y)        \
-     { ulong32 __t = (x); memcpy(y, &__t, 4); }
+     { ulong32 __t = (x); XMEMCPY(y, &__t, 4); }
 
 #define LOAD32H(x, y)         \
-     { memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
+     { XMEMCPY(&(x), y, 4); x &= 0xFFFFFFFF; }
 
 #define STORE64H(x, y)        \
-     { ulong64 __t = (x); memcpy(y, &__t, 8); }
+     { ulong64 __t = (x); XMEMCPY(y, &__t, 8); }
 
 #define LOAD64H(x, y)         \
-    { memcpy(&(x), y, 8); }
+    { XMEMCPY(&(x), y, 8); }
 
 #endif /* ENDIAN_64BITWORD */
 #endif /* ENDIAN_BIG */
@@ -242,7 +242,7 @@ asm __volatile__ (             \
 #define RORc(x,n) _lrotr(x,n)
 #define ROLc(x,n) _lrotl(x,n)
 
-#elif defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC) && !defined(LTC_NO_ASM)
+#elif !defined(__STRICT_ANSI__) && defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC) && !defined(LTC_NO_ASM)
 
 static inline unsigned ROL(unsigned word, int i)
 {
@@ -285,6 +285,50 @@ static inline unsigned RORc(unsigned word, const int i)
 
 #endif
 
+#elif !defined(__STRICT_ANSI__) && defined(LTC_PPC32)
+
+static inline unsigned ROL(unsigned word, int i)
+{
+   asm ("rotlw %0,%0,%2"
+      :"=r" (word)
+      :"0" (word),"r" (i));
+   return word;
+}
+
+static inline unsigned ROR(unsigned word, int i)
+{
+   asm ("rotlw %0,%0,%2"
+      :"=r" (word)
+      :"0" (word),"r" (32-i));
+   return word;
+}
+
+#ifndef LTC_NO_ROLC
+
+static inline unsigned ROLc(unsigned word, const int i)
+{
+   asm ("rotlwi %0,%0,%2"
+      :"=r" (word)
+      :"0" (word),"I" (i));
+   return word;
+}
+
+static inline unsigned RORc(unsigned word, const int i)
+{
+   asm ("rotrwi %0,%0,%2"
+      :"=r" (word)
+      :"0" (word),"I" (i));
+   return word;
+}
+
+#else
+
+#define ROLc ROL
+#define RORc ROR
+
+#endif
+
+
 #else
 
 /* rotates the hard way */
@@ -297,7 +341,7 @@ static inline unsigned RORc(unsigned word, const int i)
 
 
 /* 64-bit Rotates */
-#if defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM)
+#if !defined(__STRICT_ANSI__) && defined(__GNUC__) && defined(__x86_64__) && !defined(LTC_NO_ASM)
 
 static inline unsigned long ROL64(unsigned long word, int i)
 {
@@ -360,10 +404,13 @@ static inline unsigned long ROR64c(unsigned long word, const int i)
 
 #endif
 
-#undef MAX
-#undef MIN
-#define MAX(x, y) ( ((x)>(y))?(x):(y) )
-#define MIN(x, y) ( ((x)<(y))?(x):(y) )
+#ifndef MAX
+   #define MAX(x, y) ( ((x)>(y))?(x):(y) )
+#endif
+
+#ifndef MIN
+   #define MIN(x, y) ( ((x)<(y))?(x):(y) )
+#endif
 
 /* extract a byte portably */
 #ifdef _MSC_VER
@@ -373,5 +420,5 @@ static inline unsigned long ROR64c(unsigned long word, const int i)
 #endif   
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_macros.h,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.15 $ */
+/* $Date: 2006/11/29 23:43:57 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_math.h b/libtomcrypt/src/headers/tomcrypt_math.h
new file mode 100644
index 0000000..c996e41
--- /dev/null
+++ b/libtomcrypt/src/headers/tomcrypt_math.h
@@ -0,0 +1,500 @@
+/** math functions **/
+
+#define LTC_MP_LT   -1
+#define LTC_MP_EQ    0
+#define LTC_MP_GT    1
+
+#define LTC_MP_NO    0
+#define LTC_MP_YES   1
+
+#ifndef MECC
+   typedef void ecc_point;
+#endif
+
+#ifndef MRSA
+   typedef void rsa_key;
+#endif
+
+/** math descriptor */
+typedef struct {
+   /** Name of the math provider */
+   char *name;
+
+   /** Bits per digit, amount of bits must fit in an unsigned long */
+   int  bits_per_digit;
+
+/* ---- init/deinit functions ---- */
+
+   /** initialize a bignum
+     @param   a     The number to initialize
+     @return  CRYPT_OK on success
+   */
+   int (*init)(void **a);
+   
+   /** init copy 
+     @param  dst    The number to initialize and write to
+     @param  src    The number to copy from
+     @return CRYPT_OK on success
+   */
+   int (*init_copy)(void **dst, void *src);
+
+   /** deinit 
+      @param   a    The number to free
+      @return CRYPT_OK on success
+   */
+   void (*deinit)(void *a);
+
+/* ---- data movement ---- */
+
+   /** negate
+      @param   src   The number to negate
+      @param   dst   The destination
+      @return CRYPT_OK on success
+   */
+   int (*neg)(void *src, void *dst);
+   
+   /** copy 
+      @param   src   The number to copy from
+      @param   dst   The number to write to 
+      @return CRYPT_OK on success
+   */
+   int (*copy)(void *src, void *dst);
+
+/* ---- trivial low level functions ---- */
+
+   /** set small constant 
+      @param a    Number to write to
+      @param n    Source upto bits_per_digit (actually meant for very small constants) 
+      @return CRYPT_OK on succcess
+   */
+   int (*set_int)(void *a, unsigned long n);
+
+   /** get small constant 
+      @param a    Number to read, only fetches upto bits_per_digit from the number
+      @return  The lower bits_per_digit of the integer (unsigned)
+   */
+   unsigned long (*get_int)(void *a);
+
+   /** get digit n 
+     @param a  The number to read from
+     @param n  The number of the digit to fetch
+     @return  The bits_per_digit  sized n'th digit of a
+   */
+   unsigned long (*get_digit)(void *a, int n);
+
+   /** Get the number of digits that represent the number
+     @param a   The number to count
+     @return The number of digits used to represent the number
+   */
+   int (*get_digit_count)(void *a);
+
+   /** compare two integers
+     @param a   The left side integer
+     @param b   The right side integer
+     @return LTC_MP_LT if a < b, LTC_MP_GT if a > b and LTC_MP_EQ otherwise.  (signed comparison)
+   */
+   int (*compare)(void *a, void *b);
+
+   /** compare against int 
+     @param a   The left side integer
+     @param b   The right side integer (upto bits_per_digit)
+     @return LTC_MP_LT if a < b, LTC_MP_GT if a > b and LTC_MP_EQ otherwise.  (signed comparison)
+   */
+   int (*compare_d)(void *a, unsigned long n);
+
+   /** Count the number of bits used to represent the integer
+     @param a   The integer to count
+     @return The number of bits required to represent the integer
+   */
+   int (*count_bits)(void * a);
+
+   /** Count the number of LSB bits which are zero 
+     @param a   The integer to count
+     @return The number of contiguous zero LSB bits
+   */
+   int (*count_lsb_bits)(void *a);
+
+   /** Compute a power of two
+     @param a  The integer to store the power in
+     @param n  The power of two you want to store (a = 2^n)
+     @return CRYPT_OK on success
+   */
+   int (*twoexpt)(void *a , int n);
+
+/* ---- radix conversions ---- */
+   
+   /** read ascii string 
+     @param a     The integer to store into
+     @param str   The string to read
+     @param radix The radix the integer has been represented in (2-64)
+     @return CRYPT_OK on success
+   */
+   int (*read_radix)(void *a, const char *str, int radix);
+
+   /** write number to string
+     @param a     The integer to store
+     @param str   The destination for the string
+     @param radix The radix the integer is to be represented in (2-64)
+     @return CRYPT_OK on success
+   */
+   int (*write_radix)(void *a, char *str, int radix);
+
+   /** get size as unsigned char string 
+     @param a     The integer to get the size (when stored in array of octets)
+     @return The length of the integer
+   */
+   unsigned long (*unsigned_size)(void *a);
+
+   /** store an integer as an array of octets 
+     @param src   The integer to store
+     @param dst   The buffer to store the integer in
+     @return CRYPT_OK on success
+   */
+   int (*unsigned_write)(void *src, unsigned char *dst);
+
+   /** read an array of octets and store as integer
+     @param dst   The integer to load
+     @param src   The array of octets 
+     @param len   The number of octets 
+     @return CRYPT_OK on success
+   */
+   int (*unsigned_read)(void *dst, unsigned char *src, unsigned long len);
+
+/* ---- basic math ---- */
+
+   /** add two integers 
+     @param a   The first source integer
+     @param b   The second source integer
+     @param c   The destination of "a + b"
+     @return CRYPT_OK on success
+   */
+   int (*add)(void *a, void *b, void *c);
+
+
+   /** add two integers 
+     @param a   The first source integer
+     @param b   The second source integer (single digit of upto bits_per_digit in length)
+     @param c   The destination of "a + b"
+     @return CRYPT_OK on success
+   */
+   int (*addi)(void *a, unsigned long b, void *c);
+
+   /** subtract two integers 
+     @param a   The first source integer
+     @param b   The second source integer
+     @param c   The destination of "a - b"
+     @return CRYPT_OK on success
+   */
+   int (*sub)(void *a, void *b, void *c);
+
+   /** subtract two integers 
+     @param a   The first source integer
+     @param b   The second source integer (single digit of upto bits_per_digit in length)
+     @param c   The destination of "a - b"
+     @return CRYPT_OK on success
+   */
+   int (*subi)(void *a, unsigned long b, void *c);
+
+   /** multiply two integers 
+     @param a   The first source integer
+     @param b   The second source integer (single digit of upto bits_per_digit in length)
+     @param c   The destination of "a * b"
+     @return CRYPT_OK on success
+   */
+   int (*mul)(void *a, void *b, void *c);
+
+   /** multiply two integers 
+     @param a   The first source integer
+     @param b   The second source integer (single digit of upto bits_per_digit in length)
+     @param c   The destination of "a * b"
+     @return CRYPT_OK on success
+   */
+   int (*muli)(void *a, unsigned long b, void *c);
+
+   /** Square an integer
+     @param a    The integer to square
+     @param b    The destination
+     @return CRYPT_OK on success
+   */
+   int (*sqr)(void *a, void *b);
+
+   /** Divide an integer
+     @param a    The dividend
+     @param b    The divisor
+     @param c    The quotient (can be NULL to signify don't care)
+     @param d    The remainder (can be NULL to signify don't care)
+     @return CRYPT_OK on success
+   */
+   int (*mpdiv)(void *a, void *b, void *c, void *d);
+
+   /** divide by two 
+      @param  a   The integer to divide (shift right)
+      @param  b   The destination 
+      @return CRYPT_OK on success
+   */
+   int (*div_2)(void *a, void *b);
+
+   /** Get remainder (small value)
+      @param  a    The integer to reduce
+      @param  b    The modulus (upto bits_per_digit in length)
+      @param  c    The destination for the residue
+      @return CRYPT_OK on success
+   */
+   int (*modi)(void *a, unsigned long b, unsigned long *c);
+
+   /** gcd 
+      @param  a     The first integer
+      @param  b     The second integer
+      @param  c     The destination for (a, b)
+      @return CRYPT_OK on success
+   */
+   int (*gcd)(void *a, void *b, void *c);
+
+   /** lcm 
+      @param  a     The first integer
+      @param  b     The second integer
+      @param  c     The destination for [a, b]
+      @return CRYPT_OK on success
+   */
+   int (*lcm)(void *a, void *b, void *c);
+
+   /** Modular multiplication
+      @param  a     The first source
+      @param  b     The second source 
+      @param  c     The modulus
+      @param  d     The destination (a*b mod c)
+      @return CRYPT_OK on success
+   */
+   int (*mulmod)(void *a, void *b, void *c, void *d);
+
+   /** Modular squaring
+      @param  a     The first source
+      @param  b     The modulus
+      @param  c     The destination (a*a mod b)
+      @return CRYPT_OK on success
+   */
+   int (*sqrmod)(void *a, void *b, void *c);
+
+   /** Modular inversion
+      @param  a     The value to invert
+      @param  b     The modulus 
+      @param  c     The destination (1/a mod b)
+      @return CRYPT_OK on success
+   */
+   int (*invmod)(void *, void *, void *);
+
+/* ---- reduction ---- */
+
+   /** setup montgomery
+       @param a  The modulus 
+       @param b  The destination for the reduction digit 
+       @return CRYPT_OK on success
+   */
+   int (*montgomery_setup)(void *a, void **b);
+
+   /** get normalization value 
+       @param a   The destination for the normalization value
+       @param b   The modulus
+       @return  CRYPT_OK on success
+   */
+   int (*montgomery_normalization)(void *a, void *b);
+
+   /** reduce a number
+       @param a   The number [and dest] to reduce
+       @param b   The modulus
+       @param c   The value "b" from montgomery_setup()
+       @return CRYPT_OK on success
+   */
+   int (*montgomery_reduce)(void *a, void *b, void *c);
+
+   /** clean up  (frees memory)
+       @param a   The value "b" from montgomery_setup()
+       @return CRYPT_OK on success
+   */      
+   void (*montgomery_deinit)(void *a);
+
+/* ---- exponentiation ---- */
+
+   /** Modular exponentiation
+       @param a    The base integer
+       @param b    The power (can be negative) integer
+       @param c    The modulus integer
+       @param d    The destination
+       @return CRYPT_OK on success
+   */
+   int (*exptmod)(void *a, void *b, void *c, void *d);
+
+   /** Primality testing
+       @param a     The integer to test
+       @param b     The destination of the result (FP_YES if prime)
+       @return CRYPT_OK on success
+   */
+   int (*isprime)(void *a, int *b);
+
+/* ----  (optional) ecc point math ---- */
+
+   /** ECC GF(p) point multiplication (from the NIST curves)
+       @param k   The integer to multiply the point by
+       @param G   The point to multiply
+       @param R   The destination for kG  
+       @param modulus  The modulus for the field
+       @param map Boolean indicated whether to map back to affine or not (can be ignored if you work in affine only)
+       @return CRYPT_OK on success
+   */
+   int (*ecc_ptmul)(void *k, ecc_point *G, ecc_point *R, void *modulus, int map);
+
+   /** ECC GF(p) point addition 
+       @param P    The first point
+       @param Q    The second point
+       @param R    The destination of P + Q
+       @param modulus  The modulus
+       @param mp   The "b" value from montgomery_setup()
+       @return CRYPT_OK on success
+   */
+   int (*ecc_ptadd)(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp);
+
+   /** ECC GF(p) point double 
+       @param P    The first point
+       @param R    The destination of 2P
+       @param modulus  The modulus
+       @param mp   The "b" value from montgomery_setup()
+       @return CRYPT_OK on success
+   */
+   int (*ecc_ptdbl)(ecc_point *P, ecc_point *R, void *modulus, void *mp);
+
+   /** ECC mapping from projective to affine, currently uses (x,y,z) => (x/z^2, y/z^3, 1)
+       @param P     The point to map
+       @param modulus The modulus
+       @param mp    The "b" value from montgomery_setup()
+       @return CRYPT_OK on success
+       @remark  The mapping can be different but keep in mind a ecc_point only has three 
+                integers (x,y,z) so if you use a different mapping you have to make it fit.
+   */
+   int (*ecc_map)(ecc_point *P, void *modulus, void *mp);
+
+   /** Computes kA*A + kB*B = C using Shamir's Trick
+       @param A        First point to multiply
+       @param kA       What to multiple A by
+       @param B        Second point to multiply
+       @param kB       What to multiple B by
+       @param C        [out] Destination point (can overlap with A or B
+       @param modulus  Modulus for curve 
+       @return CRYPT_OK on success
+   */ 
+   int (*ecc_mul2add)(ecc_point *A, void *kA,
+                      ecc_point *B, void *kB,
+                      ecc_point *C,
+                           void *modulus);
+
+/* ---- (optional) rsa optimized math (for internal CRT) ---- */
+
+   /** RSA Key Generation 
+       @param prng     An active PRNG state
+       @param wprng    The index of the PRNG desired
+       @param size     The size of the modulus (key size) desired (octets)
+       @param e        The "e" value (public key).  e==65537 is a good choice
+       @param key      [out] Destination of a newly created private key pair
+       @return CRYPT_OK if successful, upon error all allocated ram is freed
+    */
+    int (*rsa_keygen)(prng_state *prng, int wprng, int size, long e, rsa_key *key);
+   
+
+   /** RSA exponentiation
+      @param in       The octet array representing the base
+      @param inlen    The length of the input
+      @param out      The destination (to be stored in an octet array format)
+      @param outlen   The length of the output buffer and the resulting size (zero padded to the size of the modulus)
+      @param which    PK_PUBLIC for public RSA and PK_PRIVATE for private RSA
+      @param key      The RSA key to use 
+      @return CRYPT_OK on success
+   */
+   int (*rsa_me)(const unsigned char *in,   unsigned long inlen,
+                       unsigned char *out,  unsigned long *outlen, int which,
+                       rsa_key *key);
+} ltc_math_descriptor;
+
+extern ltc_math_descriptor ltc_mp;
+
+int ltc_init_multi(void **a, ...);
+void ltc_deinit_multi(void *a, ...);
+
+#ifdef LTM_DESC
+extern const ltc_math_descriptor ltm_desc;
+#endif
+
+#ifdef TFM_DESC
+extern const ltc_math_descriptor tfm_desc;
+#endif
+
+#ifdef GMP_DESC
+extern const ltc_math_descriptor gmp_desc;
+#endif
+
+#if !defined(DESC_DEF_ONLY) && defined(LTC_SOURCE)
+
+#define MP_DIGIT_BIT                 ltc_mp.bits_per_digit
+
+/* some handy macros */
+#define mp_init(a)                   ltc_mp.init(a)
+#define mp_init_multi                ltc_init_multi
+#define mp_clear(a)                  ltc_mp.deinit(a)
+#define mp_clear_multi               ltc_deinit_multi
+#define mp_init_copy(a, b)           ltc_mp.init_copy(a, b)
+
+#define mp_neg(a, b)                 ltc_mp.neg(a, b)
+#define mp_copy(a, b)                ltc_mp.copy(a, b)
+
+#define mp_set(a, b)                 ltc_mp.set_int(a, b)
+#define mp_set_int(a, b)             ltc_mp.set_int(a, b)
+#define mp_get_int(a)                ltc_mp.get_int(a)
+#define mp_get_digit(a, n)           ltc_mp.get_digit(a, n)
+#define mp_get_digit_count(a)        ltc_mp.get_digit_count(a)
+#define mp_cmp(a, b)                 ltc_mp.compare(a, b)
+#define mp_cmp_d(a, b)               ltc_mp.compare_d(a, b)
+#define mp_count_bits(a)             ltc_mp.count_bits(a)
+#define mp_cnt_lsb(a)                ltc_mp.count_lsb_bits(a)
+#define mp_2expt(a, b)               ltc_mp.twoexpt(a, b)
+
+#define mp_read_radix(a, b, c)       ltc_mp.read_radix(a, b, c)
+#define mp_toradix(a, b, c)          ltc_mp.write_radix(a, b, c)
+#define mp_unsigned_bin_size(a)      ltc_mp.unsigned_size(a)
+#define mp_to_unsigned_bin(a, b)     ltc_mp.unsigned_write(a, b)
+#define mp_read_unsigned_bin(a, b, c) ltc_mp.unsigned_read(a, b, c)
+
+#define mp_add(a, b, c)              ltc_mp.add(a, b, c)
+#define mp_add_d(a, b, c)            ltc_mp.addi(a, b, c)
+#define mp_sub(a, b, c)              ltc_mp.sub(a, b, c)
+#define mp_sub_d(a, b, c)            ltc_mp.subi(a, b, c)
+#define mp_mul(a, b, c)              ltc_mp.mul(a, b, c)
+#define mp_mul_d(a, b, c)            ltc_mp.muli(a, b, c)
+#define mp_sqr(a, b)                 ltc_mp.sqr(a, b)
+#define mp_div(a, b, c, d)           ltc_mp.mpdiv(a, b, c, d)
+#define mp_div_2(a, b)               ltc_mp.div_2(a, b)
+#define mp_mod(a, b, c)              ltc_mp.mpdiv(a, b, NULL, c)
+#define mp_mod_d(a, b, c)            ltc_mp.modi(a, b, c)
+#define mp_gcd(a, b, c)              ltc_mp.gcd(a, b, c)
+#define mp_lcm(a, b, c)              ltc_mp.lcm(a, b, c)
+
+#define mp_mulmod(a, b, c, d)        ltc_mp.mulmod(a, b, c, d)
+#define mp_sqrmod(a, b, c)           ltc_mp.sqrmod(a, b, c)
+#define mp_invmod(a, b, c)           ltc_mp.invmod(a, b, c)
+
+#define mp_montgomery_setup(a, b)    ltc_mp.montgomery_setup(a, b)
+#define mp_montgomery_normalization(a, b) ltc_mp.montgomery_normalization(a, b)
+#define mp_montgomery_reduce(a, b, c)   ltc_mp.montgomery_reduce(a, b, c)
+#define mp_montgomery_free(a)        ltc_mp.montgomery_deinit(a)
+
+#define mp_exptmod(a,b,c,d)          ltc_mp.exptmod(a,b,c,d)
+#define mp_prime_is_prime(a, b, c)   ltc_mp.isprime(a, c)
+
+#define mp_iszero(a)                 (mp_cmp_d(a, 0) == LTC_MP_EQ ? LTC_MP_YES : LTC_MP_NO)
+#define mp_isodd(a)                  (mp_get_digit_count(a) > 0 ? (mp_get_digit(a, 0) & 1 ? LTC_MP_YES : LTC_MP_NO) : LTC_MP_NO)
+#define mp_exch(a, b)                do { void *ABC__tmp = a; a = b; b = ABC__tmp; } while(0);
+
+#define mp_tohex(a, b)               mp_toradix(a, b, 16)
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_math.h,v $ */
+/* $Revision: 1.43 $ */
+/* $Date: 2006/12/02 19:23:13 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_misc.h b/libtomcrypt/src/headers/tomcrypt_misc.h
index 3b44795..0b444f8 100644
--- a/libtomcrypt/src/headers/tomcrypt_misc.h
+++ b/libtomcrypt/src/headers/tomcrypt_misc.h
@@ -12,10 +12,12 @@ void zeromem(void *dst, size_t len);
 void burn_stack(unsigned long len);
 
 const char *error_to_string(int err);
-int mpi_to_ltc_error(int err);
 
 extern const char *crypt_build_settings;
 
+/* ---- HMM ---- */
+int crypt_fsa(void *mp, ...);
+
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_misc.h,v $ */
-/* $Revision: 1.2 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/06 03:03:01 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_pk.h b/libtomcrypt/src/headers/tomcrypt_pk.h
index 4f047de..3a0d7ab 100644
--- a/libtomcrypt/src/headers/tomcrypt_pk.h
+++ b/libtomcrypt/src/headers/tomcrypt_pk.h
@@ -1,81 +1,11 @@
 /* ---- NUMBER THEORY ---- */
-#ifdef MPI
-
-#include "ltc_tommath.h"
-
-/* in/out macros */
-#define OUTPUT_BIGNUM(num, out, y, z)                                                             \
-{                                                                                                 \
-      if ((y + 4) > *outlen) { return CRYPT_BUFFER_OVERFLOW; }                                    \
-      z = (unsigned long)mp_unsigned_bin_size(num);                                               \
-      STORE32L(z, out+y);                                                                         \
-      y += 4;                                                                                     \
-      if ((y + z) > *outlen) { return CRYPT_BUFFER_OVERFLOW; }                                    \
-      if ((err = mp_to_unsigned_bin(num, out+y)) != MP_OKAY) { return mpi_to_ltc_error(err); }    \
-      y += z;                                                                                     \
-}
-
-
-#define INPUT_BIGNUM(num, in, x, y, inlen)                       \
-{                                                                \
-     /* load value */                                            \
-     if ((y + 4) > inlen) {                                      \
-        err = CRYPT_INVALID_PACKET;                              \
-        goto error;                                              \
-     }                                                           \
-     LOAD32L(x, in+y);                                           \
-     y += 4;                                                     \
-                                                                 \
-     /* sanity check... */                                       \
-     if ((x+y) > inlen) {                                        \
-        err = CRYPT_INVALID_PACKET;                              \
-        goto error;                                              \
-     }                                                           \
-                                                                 \
-     /* load it */                                               \
-     if ((err = mp_read_unsigned_bin(num, (unsigned char *)in+y, (int)x)) != MP_OKAY) {\
-        err = mpi_to_ltc_error(err);                             \
-        goto error;                                              \
-     }                                                           \
-     y += x;                                                     \
-     if ((err = mp_shrink(num)) != MP_OKAY) {                    \
-        err = mpi_to_ltc_error(err);                             \
-        goto error;                                              \
-     }                                                           \
-}
-
- int is_prime(mp_int *, int *);
- int rand_prime(mp_int *N, long len, prng_state *prng, int wprng);
 
-#else
-   #ifdef MRSA
-      #error RSA requires the big int library 
-   #endif
-   #ifdef MECC
-      #error ECC requires the big int library 
-   #endif
-   #ifdef MDH
-      #error DH requires the big int library 
-   #endif
-   #ifdef MDSA
-      #error DSA requires the big int library 
-   #endif
-#endif /* MPI */
-
-
-/* ---- PUBLIC KEY CRYPTO ---- */
-
-#define PK_PRIVATE            0        /* PK private keys */
-#define PK_PUBLIC             1        /* PK public keys */
-
-/* ---- PACKET ---- */
-#ifdef PACKET
-
-void packet_store_header(unsigned char *dst, int section, int subsection);
-int packet_valid_header(unsigned char *src, int section, int subsection);
-
-#endif
+enum {
+   PK_PUBLIC=0,
+   PK_PRIVATE=1
+};
 
+int rand_prime(void *N, long len, prng_state *prng, int wprng);
 
 /* ---- RSA ---- */
 #ifdef MRSA
@@ -84,9 +14,26 @@ int packet_valid_header(unsigned char *src, int section, int subsection);
 #define MIN_RSA_SIZE 1024
 #define MAX_RSA_SIZE 4096
 
+/** RSA PKCS style key */
 typedef struct Rsa_key {
+    /** Type of key, PK_PRIVATE or PK_PUBLIC */
     int type;
-    mp_int e, d, N, p, q, qP, dP, dQ;
+    /** The public exponent */
+    void *e; 
+    /** The private exponent */
+    void *d; 
+    /** The modulus */
+    void *N; 
+    /** The p factor of N */
+    void *p; 
+    /** The q factor of N */
+    void *q; 
+    /** The 1/q mod p CRT param */
+    void *qP; 
+    /** The d mod (p - 1) CRT param */
+    void *dP; 
+    /** The d mod (q - 1) CRT param */
+    void *dQ;
 } rsa_key;
 
 int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key);
@@ -98,27 +45,42 @@ int rsa_exptmod(const unsigned char *in,   unsigned long inlen,
 void rsa_free(rsa_key *key);
 
 /* These use PKCS #1 v2.0 padding */
-int rsa_encrypt_key(const unsigned char *in,     unsigned long inlen,
-                          unsigned char *out,    unsigned long *outlen,
-                    const unsigned char *lparam, unsigned long lparamlen,
-                    prng_state *prng, int prng_idx, int hash_idx, rsa_key *key);
-                                        
-int rsa_decrypt_key(const unsigned char *in,       unsigned long inlen,
-                          unsigned char *out,      unsigned long *outlen, 
-                    const unsigned char *lparam,   unsigned long lparamlen,
-                          int            hash_idx, int *stat,
-                          rsa_key       *key);
-
-int rsa_sign_hash(const unsigned char *in,     unsigned long  inlen, 
-                        unsigned char *out,    unsigned long *outlen, 
-                        prng_state    *prng,     int            prng_idx,
-                        int            hash_idx, unsigned long  saltlen,
-                        rsa_key *key);
-
-int rsa_verify_hash(const unsigned char *sig,      unsigned long siglen,
-                    const unsigned char *hash,     unsigned long hashlen,
-                          int            hash_idx, unsigned long saltlen,
-                          int           *stat,     rsa_key      *key);
+#define rsa_encrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, _key) \
+  rsa_encrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _prng, _prng_idx, _hash_idx, LTC_PKCS_1_OAEP, _key)
+
+#define rsa_decrypt_key(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, _stat, _key) \
+  rsa_decrypt_key_ex(_in, _inlen, _out, _outlen, _lparam, _lparamlen, _hash_idx, LTC_PKCS_1_OAEP, _stat, _key)
+
+#define rsa_sign_hash(_in, _inlen, _out, _outlen, _prng, _prng_idx, _hash_idx, _saltlen, _key) \
+  rsa_sign_hash_ex(_in, _inlen, _out, _outlen, LTC_PKCS_1_PSS, _prng, _prng_idx, _hash_idx, _saltlen, _key)
+
+#define rsa_verify_hash(_sig, _siglen, _hash, _hashlen, _hash_idx, _saltlen, _stat, _key) \
+  rsa_verify_hash_ex(_sig, _siglen, _hash, _hashlen, LTC_PKCS_1_PSS, _hash_idx, _saltlen, _stat, _key)
+
+/* These can be switched between PKCS #1 v2.x and PKCS #1 v1.5 paddings */
+int rsa_encrypt_key_ex(const unsigned char *in,     unsigned long inlen,
+                             unsigned char *out,    unsigned long *outlen,
+                       const unsigned char *lparam, unsigned long lparamlen,
+                       prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key);
+
+int rsa_decrypt_key_ex(const unsigned char *in,       unsigned long  inlen,
+                             unsigned char *out,      unsigned long *outlen,
+                       const unsigned char *lparam,   unsigned long  lparamlen,
+                             int            hash_idx, int            padding,
+                             int           *stat,     rsa_key       *key);
+
+int rsa_sign_hash_ex(const unsigned char *in,       unsigned long  inlen,
+                           unsigned char *out,      unsigned long *outlen,
+                           int            padding,
+                           prng_state    *prng,     int            prng_idx,
+                           int            hash_idx, unsigned long  saltlen,
+                           rsa_key *key);
+
+int rsa_verify_hash_ex(const unsigned char *sig,      unsigned long siglen,
+                       const unsigned char *hash,     unsigned long hashlen,
+                             int            padding,
+                             int            hash_idx, unsigned long saltlen,
+                             int           *stat,     rsa_key      *key);
 
 /* PKCS #1 import/export */
 int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key);
@@ -126,111 +88,252 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key);
                         
 #endif
 
-/* ---- DH Routines ---- */
-#ifdef MDH 
+/* ---- Katja ---- */
+#ifdef MKAT
 
-typedef struct Dh_key {
-    int idx, type;
-    mp_int x, y;
-} dh_key;
+/* Min and Max KAT key sizes (in bits) */
+#define MIN_KAT_SIZE 1024
+#define MAX_KAT_SIZE 4096
 
-int dh_test(void);
-void dh_sizes(int *low, int *high);
-int dh_get_size(dh_key *key);
+/** Katja PKCS style key */
+typedef struct KAT_key {
+    /** Type of key, PK_PRIVATE or PK_PUBLIC */
+    int type;
+    /** The private exponent */
+    void *d; 
+    /** The modulus */
+    void *N; 
+    /** The p factor of N */
+    void *p; 
+    /** The q factor of N */
+    void *q; 
+    /** The 1/q mod p CRT param */
+    void *qP; 
+    /** The d mod (p - 1) CRT param */
+    void *dP; 
+    /** The d mod (q - 1) CRT param */
+    void *dQ;
+    /** The pq param */
+    void *pq;
+} katja_key;
+
+int katja_make_key(prng_state *prng, int wprng, int size, katja_key *key);
+
+int katja_exptmod(const unsigned char *in,   unsigned long inlen,
+                        unsigned char *out,  unsigned long *outlen, int which,
+                        katja_key *key);
+
+void katja_free(katja_key *key);
 
-int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key);
-void dh_free(dh_key *key);
+/* These use PKCS #1 v2.0 padding */
+int katja_encrypt_key(const unsigned char *in,     unsigned long inlen,
+                            unsigned char *out,    unsigned long *outlen,
+                      const unsigned char *lparam, unsigned long lparamlen,
+                      prng_state *prng, int prng_idx, int hash_idx, katja_key *key);
+                                        
+int katja_decrypt_key(const unsigned char *in,       unsigned long inlen,
+                            unsigned char *out,      unsigned long *outlen, 
+                      const unsigned char *lparam,   unsigned long lparamlen,
+                            int            hash_idx, int *stat,
+                            katja_key       *key);
 
-int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key);
-int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key);
+/* PKCS #1 import/export */
+int katja_export(unsigned char *out, unsigned long *outlen, int type, katja_key *key);
+int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key);
+                        
+#endif
 
-int dh_shared_secret(dh_key        *private_key, dh_key        *public_key,
-                     unsigned char *out,         unsigned long *outlen);
+/* ---- ECC Routines ---- */
+#ifdef MECC
 
-int dh_encrypt_key(const unsigned char *in,    unsigned long  keylen,
-                         unsigned char *out,   unsigned long *outlen, 
-                         prng_state    *prng,  int wprng, int hash, 
-                         dh_key        *key);
+/* size of our temp buffers for exported keys */
+#define ECC_BUF_SIZE 256
 
-int dh_decrypt_key(const unsigned char *in,  unsigned long  inlen, 
-                         unsigned char *out, unsigned long *outlen, 
-                         dh_key *key);
+/* max private key size */
+#define ECC_MAXSIZE  66
 
-int dh_sign_hash(const unsigned char *in,   unsigned long inlen,
-                       unsigned char *out,  unsigned long *outlen,
-                       prng_state    *prng, int wprng, dh_key *key);
+/** Structure defines a NIST GF(p) curve */
+typedef struct {
+   /** The size of the curve in octets */
+   int size;
 
-int dh_verify_hash(const unsigned char *sig,  unsigned long siglen,
-                   const unsigned char *hash, unsigned long hashlen, 
-                   int *stat, dh_key *key);
+   /** name of curve */
+   char *name; 
 
+   /** The prime that defines the field the curve is in (encoded in hex) */
+   char *prime;
 
-#endif
+   /** The fields B param (hex) */
+   char *B;
 
-/* ---- ECC Routines ---- */
-#ifdef MECC
+   /** The order of the curve (hex) */
+   char *order;
+  
+   /** The x co-ordinate of the base point on the curve (hex) */
+   char *Gx;
+ 
+   /** The y co-ordinate of the base point on the curve (hex) */
+   char *Gy;
+} ltc_ecc_set_type;
+
+/** A point on a ECC curve, stored in Jacbobian format such that (x,y,z) => (x/z^2, y/z^3, 1) when interpretted as affine */
 typedef struct {
-    mp_int x, y, z;
+    /** The x co-ordinate */
+    void *x;
+
+    /** The y co-ordinate */
+    void *y;
+
+    /** The z co-ordinate */
+    void *z;
 } ecc_point;
 
+/** An ECC key */
 typedef struct {
-    int type, idx;
+    /** Type of key, PK_PRIVATE or PK_PUBLIC */
+    int type;
+
+    /** Index into the ltc_ecc_sets[] for the parameters of this curve; if -1, then this key is using user supplied curve in dp */
+    int idx;
+
+	/** pointer to domain parameters; either points to NIST curves (identified by idx >= 0) or user supplied curve */
+	const ltc_ecc_set_type *dp;
+
+    /** The public key */
     ecc_point pubkey;
-    mp_int k;
+
+    /** The private key */
+    void *k;
 } ecc_key;
 
-int ecc_test(void);
+/** the ECC params provided */
+extern const ltc_ecc_set_type ltc_ecc_sets[];
+
+int  ecc_test(void);
 void ecc_sizes(int *low, int *high);
-int ecc_get_size(ecc_key *key);
+int  ecc_get_size(ecc_key *key);
 
-int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key);
+int  ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key);
+int  ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp);
 void ecc_free(ecc_key *key);
 
-int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
-int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
+int  ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key);
+int  ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
+int  ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp);
 
-int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, 
-                      unsigned char *out, unsigned long *outlen);
+int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen);
+int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
+int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp);
 
-int ecc_encrypt_key(const unsigned char *in,   unsigned long inlen,
-                          unsigned char *out,  unsigned long *outlen, 
-                          prng_state *prng, int wprng, int hash, 
-                          ecc_key *key);
+int  ecc_shared_secret(ecc_key *private_key, ecc_key *public_key, 
+                       unsigned char *out, unsigned long *outlen);
 
-int ecc_decrypt_key(const unsigned char *in,  unsigned long  inlen,
-                          unsigned char *out, unsigned long *outlen, 
-                          ecc_key *key);
+int  ecc_encrypt_key(const unsigned char *in,   unsigned long inlen,
+                           unsigned char *out,  unsigned long *outlen, 
+                           prng_state *prng, int wprng, int hash, 
+                           ecc_key *key);
 
-int ecc_sign_hash(const unsigned char *in,  unsigned long inlen, 
-                        unsigned char *out, unsigned long *outlen, 
-                        prng_state *prng, int wprng, ecc_key *key);
+int  ecc_decrypt_key(const unsigned char *in,  unsigned long  inlen,
+                           unsigned char *out, unsigned long *outlen, 
+                           ecc_key *key);
 
-int ecc_verify_hash(const unsigned char *sig,  unsigned long siglen,
-                    const unsigned char *hash, unsigned long hashlen, 
-                    int *stat, ecc_key *key);
+int  ecc_sign_hash(const unsigned char *in,  unsigned long inlen, 
+                         unsigned char *out, unsigned long *outlen, 
+                         prng_state *prng, int wprng, ecc_key *key);
+
+int  ecc_verify_hash(const unsigned char *sig,  unsigned long siglen,
+                     const unsigned char *hash, unsigned long hashlen, 
+                     int *stat, ecc_key *key);
+
+/* low level functions */
+ecc_point *ltc_ecc_new_point(void);
+void       ltc_ecc_del_point(ecc_point *p);
+int        ltc_ecc_is_valid_idx(int n);
+
+/* point ops (mp == montgomery digit) */
+#if !defined(MECC_ACCEL) || defined(LTM_DESC) || defined(GMP_DESC)
+/* R = 2P */
+int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *mp);
+
+/* R = P + Q */
+int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp);
+#endif
+
+#if defined(MECC_FP)
+int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map);
+int ltc_ecc_fp_save_state(unsigned char **out, unsigned long *outlen);
+int ltc_ecc_fp_restore_state(unsigned char *in, unsigned long inlen);
+void ltc_ecc_fp_free(void);
+#endif
+
+/* R = kG */
+int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map);
+
+#ifdef LTC_ECC_SHAMIR
+/* kA*A + kB*B = C */
+int ltc_ecc_mul2add(ecc_point *A, void *kA,
+                    ecc_point *B, void *kB,
+                    ecc_point *C,
+                         void *modulus);
+
+#ifdef MECC_FP
+int ltc_ecc_fp_mul2add(ecc_point *A, void *kA,
+                       ecc_point *B, void *kB,
+                       ecc_point *C, void *modulus);
+#endif
+
+#endif
+
+
+/* map P to affine from projective */
+int ltc_ecc_map(ecc_point *P, void *modulus, void *mp);
 
 #endif
 
 #ifdef MDSA
 
+/* Max diff between group and modulus size in bytes */
+#define MDSA_DELTA     512
+
+/* Max DSA group size in bytes (default allows 4k-bit groups) */
+#define MDSA_MAX_GROUP 512
+
+/** DSA key structure */
 typedef struct {
-   int type, qord;
-   mp_int g, q, p, x, y;
+   /** The key type, PK_PRIVATE or PK_PUBLIC */
+   int type; 
+
+   /** The order of the sub-group used in octets */
+   int qord;
+
+   /** The generator  */
+   void *g;
+
+   /** The prime used to generate the sub-group */
+   void *q;
+
+   /** The large prime that generats the field the contains the sub-group */
+   void *p;
+
+   /** The private key */
+   void *x;
+
+   /** The public key */
+   void *y;
 } dsa_key;
 
 int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key);
 void dsa_free(dsa_key *key);
 
-
 int dsa_sign_hash_raw(const unsigned char *in,  unsigned long inlen,
-                                   mp_int *r,   mp_int *s,
+                                   void *r,   void *s,
                                prng_state *prng, int wprng, dsa_key *key);
 
 int dsa_sign_hash(const unsigned char *in,  unsigned long inlen,
                         unsigned char *out, unsigned long *outlen,
                         prng_state *prng, int wprng, dsa_key *key);
 
-int dsa_verify_hash_raw(         mp_int *r,          mp_int *s,
+int dsa_verify_hash_raw(         void *r,          void *s,
                     const unsigned char *hash, unsigned long hashlen, 
                                     int *stat,      dsa_key *key);
 
@@ -238,12 +341,22 @@ int dsa_verify_hash(const unsigned char *sig,  unsigned long siglen,
                     const unsigned char *hash, unsigned long hashlen, 
                           int           *stat, dsa_key       *key);
 
+int dsa_encrypt_key(const unsigned char *in,   unsigned long inlen,
+                          unsigned char *out,  unsigned long *outlen, 
+                          prng_state *prng, int wprng, int hash, 
+                          dsa_key *key);
+                      
+int dsa_decrypt_key(const unsigned char *in,  unsigned long  inlen,
+                          unsigned char *out, unsigned long *outlen, 
+                          dsa_key *key);
+                          
 int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key);
-
 int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key);
-
 int dsa_verify_key(dsa_key *key, int *stat);
 
+int dsa_shared_secret(void          *private_key, void *base,
+                      dsa_key       *public_key,
+                      unsigned char *out,         unsigned long *outlen);
 #endif
 
 #ifdef LTC_DER
@@ -251,6 +364,7 @@ int dsa_verify_key(dsa_key *key, int *stat);
 
 enum {
  LTC_ASN1_EOL,
+ LTC_ASN1_BOOLEAN,
  LTC_ASN1_INTEGER,
  LTC_ASN1_SHORT_INTEGER,
  LTC_ASN1_BIT_STRING,
@@ -259,17 +373,26 @@ enum {
  LTC_ASN1_OBJECT_IDENTIFIER,
  LTC_ASN1_IA5_STRING,
  LTC_ASN1_PRINTABLE_STRING,
+ LTC_ASN1_UTF8_STRING,
  LTC_ASN1_UTCTIME,
-
  LTC_ASN1_CHOICE,
- LTC_ASN1_SEQUENCE
+ LTC_ASN1_SEQUENCE,
+ LTC_ASN1_SET,
+ LTC_ASN1_SETOF
 };
 
-typedef struct {
+/** A LTC ASN.1 list type */
+typedef struct ltc_asn1_list_ {
+   /** The LTC ASN.1 enumerated type identifier */
    int           type;
+   /** The data to encode or place for decoding */
    void         *data;
+   /** The size of the input or resulting output */
    unsigned long size;
+   /** The used flag, this is used by the CHOICE ASN.1 type to indicate which choice was made */
    int           used;
+   /** prev/next entry in the list */
+   struct ltc_asn1_list_ *prev, *next, *child, *parent;
 } ltc_asn1_list;
 
 #define LTC_SET_ASN1(list, index, Type, Data, Size)  \
@@ -277,29 +400,53 @@ typedef struct {
       int LTC_MACRO_temp            = (index);       \
       ltc_asn1_list *LTC_MACRO_list = (list);        \
       LTC_MACRO_list[LTC_MACRO_temp].type = (Type);  \
-      LTC_MACRO_list[LTC_MACRO_temp].data = (Data);  \
+      LTC_MACRO_list[LTC_MACRO_temp].data = (void*)(Data);  \
       LTC_MACRO_list[LTC_MACRO_temp].size = (Size);  \
       LTC_MACRO_list[LTC_MACRO_temp].used = 0;       \
    } while (0);
 
 /* SEQUENCE */
-int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
-                        unsigned char *out,  unsigned long *outlen);
+int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen,
+                           unsigned char *out,  unsigned long *outlen, int type_of);
+                          
+#define der_encode_sequence(list, inlen, out, outlen) der_encode_sequence_ex(list, inlen, out, outlen, LTC_ASN1_SEQUENCE)                        
 
-int der_decode_sequence(const unsigned char *in,   unsigned long  inlen,
-                              ltc_asn1_list *list, unsigned long  outlen);
+int der_decode_sequence_ex(const unsigned char *in, unsigned long  inlen,
+                           ltc_asn1_list *list,     unsigned long  outlen, int ordered);
+                              
+#define der_decode_sequence(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 1)
 
 int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
                         unsigned long *outlen);
 
-/* VA list handy helpers */
+/* SET */
+#define der_decode_set(in, inlen, list, outlen) der_decode_sequence_ex(in, inlen, list, outlen, 0)
+#define der_length_set der_length_sequence
+int der_encode_set(ltc_asn1_list *list, unsigned long inlen,
+                   unsigned char *out,  unsigned long *outlen);
+
+int der_encode_setof(ltc_asn1_list *list, unsigned long inlen,
+                     unsigned char *out,  unsigned long *outlen);
+                        
+/* VA list handy helpers with triplets of <type, size, data> */
 int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...);
 int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...);
 
+/* FLEXI DECODER handle unknown list decoder */
+int  der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out);
+void der_free_sequence_flexi(ltc_asn1_list *list);
+void der_sequence_free(ltc_asn1_list *in);
+
+/* BOOLEAN */
+int der_length_boolean(unsigned long *outlen);
+int der_encode_boolean(int in, 
+                       unsigned char *out, unsigned long *outlen);
+int der_decode_boolean(const unsigned char *in, unsigned long inlen,
+                                       int *out);		       
 /* INTEGER */
-int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen);
-int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num);
-int der_length_integer(mp_int *num, unsigned long *len);
+int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen);
+int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num);
+int der_length_integer(void *num, unsigned long *len);
 
 /* INTEGER -- handy for 0..2^32-1 values */
 int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsigned long *num);
@@ -348,6 +495,22 @@ int der_length_printable_string(const unsigned char *octets, unsigned long nocte
 int der_printable_char_encode(int c);
 int der_printable_value_decode(int v);
 
+/* UTF-8 */
+#if (defined(SIZE_MAX) || __STDC_VERSION__ >= 199901L || defined(WCHAR_MAX) || defined(_WCHAR_T) || defined(_WCHAR_T_DEFINED)) && !defined(LTC_NO_WCHAR)
+#include <wchar.h>
+#else
+typedef ulong32 wchar_t;
+#endif
+
+int der_encode_utf8_string(const wchar_t *in,  unsigned long inlen,
+                           unsigned char *out, unsigned long *outlen);
+
+int der_decode_utf8_string(const unsigned char *in,  unsigned long inlen,
+                                       wchar_t *out, unsigned long *outlen);
+unsigned long der_utf8_charsize(const wchar_t c);
+int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned long *outlen);
+
+
 /* CHOICE */
 int der_decode_choice(const unsigned char *in,   unsigned long *inlen,
                             ltc_asn1_list *list, unsigned long  outlen);
@@ -377,5 +540,5 @@ int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen);
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_pk.h,v $ */
-/* $Revision: 1.30 $ */
-/* $Date: 2005/06/19 11:23:03 $ */
+/* $Revision: 1.77 $ */
+/* $Date: 2006/12/03 00:39:56 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_pkcs.h b/libtomcrypt/src/headers/tomcrypt_pkcs.h
index 8d850de..71bcdb9 100644
--- a/libtomcrypt/src/headers/tomcrypt_pkcs.h
+++ b/libtomcrypt/src/headers/tomcrypt_pkcs.h
@@ -3,12 +3,43 @@
 /* ===> PKCS #1 -- RSA Cryptography <=== */
 #ifdef PKCS_1
 
-int pkcs_1_mgf1(const unsigned char *seed, unsigned long seedlen,
-                      int            hash_idx,
+enum ltc_pkcs_1_v1_5_blocks
+{
+  LTC_PKCS_1_EMSA   = 1,        /* Block type 1 (PKCS #1 v1.5 signature padding) */
+  LTC_PKCS_1_EME    = 2         /* Block type 2 (PKCS #1 v1.5 encryption padding) */
+};
+
+enum ltc_pkcs_1_paddings
+{
+  LTC_PKCS_1_V1_5   = 1,        /* PKCS #1 v1.5 padding (\sa ltc_pkcs_1_v1_5_blocks) */
+  LTC_PKCS_1_OAEP   = 2,        /* PKCS #1 v2.0 encryption padding */
+  LTC_PKCS_1_PSS    = 3         /* PKCS #1 v2.1 signature padding */
+};
+
+int pkcs_1_mgf1(      int            hash_idx,
+                const unsigned char *seed, unsigned long seedlen,
                       unsigned char *mask, unsigned long masklen);
 
-int pkcs_1_i2osp(mp_int *n, unsigned long modulus_len, unsigned char *out);
-int pkcs_1_os2ip(mp_int *n, unsigned char *in, unsigned long inlen);
+int pkcs_1_i2osp(void *n, unsigned long modulus_len, unsigned char *out);
+int pkcs_1_os2ip(void *n, unsigned char *in, unsigned long inlen);
+
+/* *** v1.5 padding */
+int pkcs_1_v1_5_encode(const unsigned char *msg, 
+                             unsigned long  msglen,
+                             int            block_type,
+                             unsigned long  modulus_bitlen,
+                                prng_state *prng, 
+                                       int  prng_idx,
+                             unsigned char *out, 
+                             unsigned long *outlen);
+
+int pkcs_1_v1_5_decode(const unsigned char *msg, 
+                             unsigned long  msglen,
+                                       int  block_type,
+                             unsigned long  modulus_bitlen,
+                             unsigned char *out, 
+                             unsigned long *outlen,
+                                       int *is_valid);
 
 /* *** v2.1 padding */
 int pkcs_1_oaep_encode(const unsigned char *msg,    unsigned long msglen,
@@ -54,5 +85,5 @@ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len,
 #endif  /* PKCS_5 */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_pkcs.h,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/14 11:46:08 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/15 12:44:59 $ */
diff --git a/libtomcrypt/src/headers/tomcrypt_prng.h b/libtomcrypt/src/headers/tomcrypt_prng.h
index f96d408..dd640c9 100644
--- a/libtomcrypt/src/headers/tomcrypt_prng.h
+++ b/libtomcrypt/src/headers/tomcrypt_prng.h
@@ -4,6 +4,7 @@ struct yarrow_prng {
     int                   cipher, hash;
     unsigned char         pool[MAXBLOCKSIZE];
     symmetric_CTR         ctr;
+    LTC_MUTEX_TYPE(prng_lock)
 };
 #endif
 
@@ -28,6 +29,7 @@ struct fortuna_prng {
                   wd;            
 
     ulong64       reset_cnt;  /* number of times we have reset */
+    LTC_MUTEX_TYPE(prng_lock)
 };
 #endif
 
@@ -46,6 +48,7 @@ struct sober128_prng {
 #endif
 
 typedef union Prng_state {
+    char dummy[1];
 #ifdef YARROW
     struct yarrow_prng    yarrow;
 #endif
@@ -60,6 +63,7 @@ typedef union Prng_state {
 #endif
 } prng_state;
 
+/** PRNG descriptor */
 extern struct ltc_prng_descriptor {
     /** Name of the PRNG */
     char *name;
@@ -178,7 +182,7 @@ int find_prng(const char *name);
 int register_prng(const struct ltc_prng_descriptor *prng);
 int unregister_prng(const struct ltc_prng_descriptor *prng);
 int prng_is_valid(int idx);
-LTC_MUTEX_PROTO(ltc_prng_mutex);
+LTC_MUTEX_PROTO(ltc_prng_mutex)
 
 /* Slow RNG you **might** be able to use to seed a PRNG with.  Be careful as this
  * might not work on all platforms as planned
@@ -191,5 +195,5 @@ int rng_make_prng(int bits, int wprng, prng_state *prng, void (*callback)(void))
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/headers/tomcrypt_prng.h,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/05 01:36:43 $ */
diff --git a/libtomcrypt/src/headers/tommath_class.h b/libtomcrypt/src/headers/tommath_class.h
deleted file mode 100644
index 02dd7cf..0000000
--- a/libtomcrypt/src/headers/tommath_class.h
+++ /dev/null
@@ -1,998 +0,0 @@
-#if !(defined(LTM1) && defined(LTM2) && defined(LTM3))
-#if defined(LTM2)
-#define LTM3
-#endif
-#if defined(LTM1)
-#define LTM2
-#endif
-#define LTM1
-
-#if defined(LTM_ALL)
-#define BN_ERROR_C
-#define BN_FAST_MP_INVMOD_C
-#define BN_FAST_MP_MONTGOMERY_REDUCE_C
-#define BN_FAST_S_MP_MUL_DIGS_C
-#define BN_FAST_S_MP_MUL_HIGH_DIGS_C
-#define BN_FAST_S_MP_SQR_C
-#define BN_MP_2EXPT_C
-#define BN_MP_ABS_C
-#define BN_MP_ADD_C
-#define BN_MP_ADD_D_C
-#define BN_MP_ADDMOD_C
-#define BN_MP_AND_C
-#define BN_MP_CLAMP_C
-#define BN_MP_CLEAR_C
-#define BN_MP_CLEAR_MULTI_C
-#define BN_MP_CMP_C
-#define BN_MP_CMP_D_C
-#define BN_MP_CMP_MAG_C
-#define BN_MP_CNT_LSB_C
-#define BN_MP_COPY_C
-#define BN_MP_COUNT_BITS_C
-#define BN_MP_DIV_C
-#define BN_MP_DIV_2_C
-#define BN_MP_DIV_2D_C
-#define BN_MP_DIV_3_C
-#define BN_MP_DIV_D_C
-#define BN_MP_DR_IS_MODULUS_C
-#define BN_MP_DR_REDUCE_C
-#define BN_MP_DR_SETUP_C
-#define BN_MP_EXCH_C
-#define BN_MP_EXPT_D_C
-#define BN_MP_EXPTMOD_C
-#define BN_MP_EXPTMOD_FAST_C
-#define BN_MP_EXTEUCLID_C
-#define BN_MP_FREAD_C
-#define BN_MP_FWRITE_C
-#define BN_MP_GCD_C
-#define BN_MP_GET_INT_C
-#define BN_MP_GROW_C
-#define BN_MP_INIT_C
-#define BN_MP_INIT_COPY_C
-#define BN_MP_INIT_MULTI_C
-#define BN_MP_INIT_SET_C
-#define BN_MP_INIT_SET_INT_C
-#define BN_MP_INIT_SIZE_C
-#define BN_MP_INVMOD_C
-#define BN_MP_INVMOD_SLOW_C
-#define BN_MP_IS_SQUARE_C
-#define BN_MP_JACOBI_C
-#define BN_MP_KARATSUBA_MUL_C
-#define BN_MP_KARATSUBA_SQR_C
-#define BN_MP_LCM_C
-#define BN_MP_LSHD_C
-#define BN_MP_MOD_C
-#define BN_MP_MOD_2D_C
-#define BN_MP_MOD_D_C
-#define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
-#define BN_MP_MONTGOMERY_REDUCE_C
-#define BN_MP_MONTGOMERY_SETUP_C
-#define BN_MP_MUL_C
-#define BN_MP_MUL_2_C
-#define BN_MP_MUL_2D_C
-#define BN_MP_MUL_D_C
-#define BN_MP_MULMOD_C
-#define BN_MP_N_ROOT_C
-#define BN_MP_NEG_C
-#define BN_MP_OR_C
-#define BN_MP_PRIME_FERMAT_C
-#define BN_MP_PRIME_IS_DIVISIBLE_C
-#define BN_MP_PRIME_IS_PRIME_C
-#define BN_MP_PRIME_MILLER_RABIN_C
-#define BN_MP_PRIME_NEXT_PRIME_C
-#define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
-#define BN_MP_PRIME_RANDOM_EX_C
-#define BN_MP_RADIX_SIZE_C
-#define BN_MP_RADIX_SMAP_C
-#define BN_MP_RAND_C
-#define BN_MP_READ_RADIX_C
-#define BN_MP_READ_SIGNED_BIN_C
-#define BN_MP_READ_UNSIGNED_BIN_C
-#define BN_MP_REDUCE_C
-#define BN_MP_REDUCE_2K_C
-#define BN_MP_REDUCE_2K_L_C
-#define BN_MP_REDUCE_2K_SETUP_C
-#define BN_MP_REDUCE_2K_SETUP_L_C
-#define BN_MP_REDUCE_IS_2K_C
-#define BN_MP_REDUCE_IS_2K_L_C
-#define BN_MP_REDUCE_SETUP_C
-#define BN_MP_RSHD_C
-#define BN_MP_SET_C
-#define BN_MP_SET_INT_C
-#define BN_MP_SHRINK_C
-#define BN_MP_SIGNED_BIN_SIZE_C
-#define BN_MP_SQR_C
-#define BN_MP_SQRMOD_C
-#define BN_MP_SQRT_C
-#define BN_MP_SUB_C
-#define BN_MP_SUB_D_C
-#define BN_MP_SUBMOD_C
-#define BN_MP_TO_SIGNED_BIN_C
-#define BN_MP_TO_SIGNED_BIN_N_C
-#define BN_MP_TO_UNSIGNED_BIN_C
-#define BN_MP_TO_UNSIGNED_BIN_N_C
-#define BN_MP_TOOM_MUL_C
-#define BN_MP_TOOM_SQR_C
-#define BN_MP_TORADIX_C
-#define BN_MP_TORADIX_N_C
-#define BN_MP_UNSIGNED_BIN_SIZE_C
-#define BN_MP_XOR_C
-#define BN_MP_ZERO_C
-#define BN_PRIME_TAB_C
-#define BN_REVERSE_C
-#define BN_S_MP_ADD_C
-#define BN_S_MP_EXPTMOD_C
-#define BN_S_MP_MUL_DIGS_C
-#define BN_S_MP_MUL_HIGH_DIGS_C
-#define BN_S_MP_SQR_C
-#define BN_S_MP_SUB_C
-#define BNCORE_C
-#endif
-
-#if defined(BN_ERROR_C)
-   #define BN_MP_ERROR_TO_STRING_C
-#endif
-
-#if defined(BN_FAST_MP_INVMOD_C)
-   #define BN_MP_ISEVEN_C
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_COPY_C
-   #define BN_MP_MOD_C
-   #define BN_MP_SET_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_ISODD_C
-   #define BN_MP_SUB_C
-   #define BN_MP_CMP_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_CMP_D_C
-   #define BN_MP_ADD_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_FAST_MP_MONTGOMERY_REDUCE_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_FAST_S_MP_MUL_DIGS_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_FAST_S_MP_MUL_HIGH_DIGS_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_FAST_S_MP_SQR_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_2EXPT_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_GROW_C
-#endif
-
-#if defined(BN_MP_ABS_C)
-   #define BN_MP_COPY_C
-#endif
-
-#if defined(BN_MP_ADD_C)
-   #define BN_S_MP_ADD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_ADD_D_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_ADDMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_ADD_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MOD_C
-#endif
-
-#if defined(BN_MP_AND_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_CLAMP_C)
-#endif
-
-#if defined(BN_MP_CLEAR_C)
-#endif
-
-#if defined(BN_MP_CLEAR_MULTI_C)
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_CMP_C)
-   #define BN_MP_CMP_MAG_C
-#endif
-
-#if defined(BN_MP_CMP_D_C)
-#endif
-
-#if defined(BN_MP_CMP_MAG_C)
-#endif
-
-#if defined(BN_MP_CNT_LSB_C)
-   #define BN_MP_ISZERO_C
-#endif
-
-#if defined(BN_MP_COPY_C)
-   #define BN_MP_GROW_C
-#endif
-
-#if defined(BN_MP_COUNT_BITS_C)
-#endif
-
-#if defined(BN_MP_DIV_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_COPY_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_SET_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_ABS_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_CMP_C
-   #define BN_MP_SUB_C
-   #define BN_MP_ADD_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_MULTI_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_INIT_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_DIV_2_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_DIV_2D_C)
-   #define BN_MP_COPY_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_INIT_C
-   #define BN_MP_MOD_2D_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-#endif
-
-#if defined(BN_MP_DIV_3_C)
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_DIV_D_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_COPY_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_DIV_3_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_DR_IS_MODULUS_C)
-#endif
-
-#if defined(BN_MP_DR_REDUCE_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_DR_SETUP_C)
-#endif
-
-#if defined(BN_MP_EXCH_C)
-#endif
-
-#if defined(BN_MP_EXPT_D_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_SET_C
-   #define BN_MP_SQR_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MUL_C
-#endif
-
-#if defined(BN_MP_EXPTMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_INVMOD_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_ABS_C
-   #define BN_MP_CLEAR_MULTI_C
-   #define BN_MP_REDUCE_IS_2K_L_C
-   #define BN_S_MP_EXPTMOD_C
-   #define BN_MP_DR_IS_MODULUS_C
-   #define BN_MP_REDUCE_IS_2K_C
-   #define BN_MP_ISODD_C
-   #define BN_MP_EXPTMOD_FAST_C
-#endif
-
-#if defined(BN_MP_EXPTMOD_FAST_C)
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_INIT_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MONTGOMERY_SETUP_C
-   #define BN_FAST_MP_MONTGOMERY_REDUCE_C
-   #define BN_MP_MONTGOMERY_REDUCE_C
-   #define BN_MP_DR_SETUP_C
-   #define BN_MP_DR_REDUCE_C
-   #define BN_MP_REDUCE_2K_SETUP_C
-   #define BN_MP_REDUCE_2K_C
-   #define BN_MP_MONTGOMERY_CALC_NORMALIZATION_C
-   #define BN_MP_MULMOD_C
-   #define BN_MP_SET_C
-   #define BN_MP_MOD_C
-   #define BN_MP_COPY_C
-   #define BN_MP_SQR_C
-   #define BN_MP_MUL_C
-   #define BN_MP_EXCH_C
-#endif
-
-#if defined(BN_MP_EXTEUCLID_C)
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_SET_C
-   #define BN_MP_COPY_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_DIV_C
-   #define BN_MP_MUL_C
-   #define BN_MP_SUB_C
-   #define BN_MP_NEG_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_FREAD_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_S_RMAP_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_CMP_D_C
-#endif
-
-#if defined(BN_MP_FWRITE_C)
-   #define BN_MP_RADIX_SIZE_C
-   #define BN_MP_TORADIX_C
-#endif
-
-#if defined(BN_MP_GCD_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_ABS_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CNT_LSB_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_EXCH_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_GET_INT_C)
-#endif
-
-#if defined(BN_MP_GROW_C)
-#endif
-
-#if defined(BN_MP_INIT_C)
-#endif
-
-#if defined(BN_MP_INIT_COPY_C)
-   #define BN_MP_COPY_C
-#endif
-
-#if defined(BN_MP_INIT_MULTI_C)
-   #define BN_MP_ERR_C
-   #define BN_MP_INIT_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_INIT_SET_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SET_C
-#endif
-
-#if defined(BN_MP_INIT_SET_INT_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SET_INT_C
-#endif
-
-#if defined(BN_MP_INIT_SIZE_C)
-   #define BN_MP_INIT_C
-#endif
-
-#if defined(BN_MP_INVMOD_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_ISODD_C
-   #define BN_FAST_MP_INVMOD_C
-   #define BN_MP_INVMOD_SLOW_C
-#endif
-
-#if defined(BN_MP_INVMOD_SLOW_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_MOD_C
-   #define BN_MP_COPY_C
-   #define BN_MP_ISEVEN_C
-   #define BN_MP_SET_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_ISODD_C
-   #define BN_MP_ADD_C
-   #define BN_MP_SUB_C
-   #define BN_MP_CMP_C
-   #define BN_MP_CMP_D_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_IS_SQUARE_C)
-   #define BN_MP_MOD_D_C
-   #define BN_MP_INIT_SET_INT_C
-   #define BN_MP_MOD_C
-   #define BN_MP_GET_INT_C
-   #define BN_MP_SQRT_C
-   #define BN_MP_SQR_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_JACOBI_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CNT_LSB_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_MOD_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_KARATSUBA_MUL_C)
-   #define BN_MP_MUL_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_SUB_C
-   #define BN_MP_ADD_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_KARATSUBA_SQR_C)
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_SQR_C
-   #define BN_MP_SUB_C
-   #define BN_S_MP_ADD_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_ADD_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_LCM_C)
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_GCD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_DIV_C
-   #define BN_MP_MUL_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_LSHD_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_RSHD_C
-#endif
-
-#if defined(BN_MP_MOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_DIV_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_ADD_C
-   #define BN_MP_EXCH_C
-#endif
-
-#if defined(BN_MP_MOD_2D_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_COPY_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_MOD_D_C)
-   #define BN_MP_DIV_D_C
-#endif
-
-#if defined(BN_MP_MONTGOMERY_CALC_NORMALIZATION_C)
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_2EXPT_C
-   #define BN_MP_SET_C
-   #define BN_MP_MUL_2_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_MONTGOMERY_REDUCE_C)
-   #define BN_FAST_MP_MONTGOMERY_REDUCE_C
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_MONTGOMERY_SETUP_C)
-#endif
-
-#if defined(BN_MP_MUL_C)
-   #define BN_MP_TOOM_MUL_C
-   #define BN_MP_KARATSUBA_MUL_C
-   #define BN_FAST_S_MP_MUL_DIGS_C
-   #define BN_S_MP_MUL_C
-   #define BN_S_MP_MUL_DIGS_C
-#endif
-
-#if defined(BN_MP_MUL_2_C)
-   #define BN_MP_GROW_C
-#endif
-
-#if defined(BN_MP_MUL_2D_C)
-   #define BN_MP_COPY_C
-   #define BN_MP_GROW_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_MUL_D_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_MULMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_MUL_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MOD_C
-#endif
-
-#if defined(BN_MP_N_ROOT_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SET_C
-   #define BN_MP_COPY_C
-   #define BN_MP_EXPT_D_C
-   #define BN_MP_MUL_C
-   #define BN_MP_SUB_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_DIV_C
-   #define BN_MP_CMP_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_NEG_C)
-   #define BN_MP_COPY_C
-   #define BN_MP_ISZERO_C
-#endif
-
-#if defined(BN_MP_OR_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_FERMAT_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_INIT_C
-   #define BN_MP_EXPTMOD_C
-   #define BN_MP_CMP_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_IS_DIVISIBLE_C)
-   #define BN_MP_MOD_D_C
-#endif
-
-#if defined(BN_MP_PRIME_IS_PRIME_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_PRIME_IS_DIVISIBLE_C
-   #define BN_MP_INIT_C
-   #define BN_MP_SET_C
-   #define BN_MP_PRIME_MILLER_RABIN_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_MILLER_RABIN_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_CNT_LSB_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_EXPTMOD_C
-   #define BN_MP_CMP_C
-   #define BN_MP_SQRMOD_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_NEXT_PRIME_C)
-   #define BN_MP_CMP_D_C
-   #define BN_MP_SET_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_ISEVEN_C
-   #define BN_MP_MOD_D_C
-   #define BN_MP_INIT_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_PRIME_MILLER_RABIN_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_PRIME_RABIN_MILLER_TRIALS_C)
-#endif
-
-#if defined(BN_MP_PRIME_RANDOM_EX_C)
-   #define BN_MP_READ_UNSIGNED_BIN_C
-   #define BN_MP_PRIME_IS_PRIME_C
-   #define BN_MP_SUB_D_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_MUL_2_C
-   #define BN_MP_ADD_D_C
-#endif
-
-#if defined(BN_MP_RADIX_SIZE_C)
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_DIV_D_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_RADIX_SMAP_C)
-   #define BN_MP_S_RMAP_C
-#endif
-
-#if defined(BN_MP_RAND_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_LSHD_C
-#endif
-
-#if defined(BN_MP_READ_RADIX_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_S_RMAP_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_ISZERO_C
-#endif
-
-#if defined(BN_MP_READ_SIGNED_BIN_C)
-   #define BN_MP_READ_UNSIGNED_BIN_C
-#endif
-
-#if defined(BN_MP_READ_UNSIGNED_BIN_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_REDUCE_C)
-   #define BN_MP_REDUCE_SETUP_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_MUL_C
-   #define BN_S_MP_MUL_HIGH_DIGS_C
-   #define BN_FAST_S_MP_MUL_HIGH_DIGS_C
-   #define BN_MP_MOD_2D_C
-   #define BN_S_MP_MUL_DIGS_C
-   #define BN_MP_SUB_C
-   #define BN_MP_CMP_D_C
-   #define BN_MP_SET_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_ADD_C
-   #define BN_MP_CMP_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_REDUCE_2K_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_MUL_D_C
-   #define BN_S_MP_ADD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_REDUCE_2K_L_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_MUL_C
-   #define BN_S_MP_ADD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_REDUCE_2K_SETUP_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_2EXPT_C
-   #define BN_MP_CLEAR_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_REDUCE_2K_SETUP_L_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_2EXPT_C
-   #define BN_MP_COUNT_BITS_C
-   #define BN_S_MP_SUB_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_REDUCE_IS_2K_C)
-   #define BN_MP_REDUCE_2K_C
-   #define BN_MP_COUNT_BITS_C
-#endif
-
-#if defined(BN_MP_REDUCE_IS_2K_L_C)
-#endif
-
-#if defined(BN_MP_REDUCE_SETUP_C)
-   #define BN_MP_2EXPT_C
-   #define BN_MP_DIV_C
-#endif
-
-#if defined(BN_MP_RSHD_C)
-   #define BN_MP_ZERO_C
-#endif
-
-#if defined(BN_MP_SET_C)
-   #define BN_MP_ZERO_C
-#endif
-
-#if defined(BN_MP_SET_INT_C)
-   #define BN_MP_ZERO_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_SHRINK_C)
-#endif
-
-#if defined(BN_MP_SIGNED_BIN_SIZE_C)
-   #define BN_MP_UNSIGNED_BIN_SIZE_C
-#endif
-
-#if defined(BN_MP_SQR_C)
-   #define BN_MP_TOOM_SQR_C
-   #define BN_MP_KARATSUBA_SQR_C
-   #define BN_FAST_S_MP_SQR_C
-   #define BN_S_MP_SQR_C
-#endif
-
-#if defined(BN_MP_SQRMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SQR_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MOD_C
-#endif
-
-#if defined(BN_MP_SQRT_C)
-   #define BN_MP_N_ROOT_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_ZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_DIV_C
-   #define BN_MP_ADD_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_SUB_C)
-   #define BN_S_MP_ADD_C
-   #define BN_MP_CMP_MAG_C
-   #define BN_S_MP_SUB_C
-#endif
-
-#if defined(BN_MP_SUB_D_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_ADD_D_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_MP_SUBMOD_C)
-   #define BN_MP_INIT_C
-   #define BN_MP_SUB_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_MOD_C
-#endif
-
-#if defined(BN_MP_TO_SIGNED_BIN_C)
-   #define BN_MP_TO_UNSIGNED_BIN_C
-#endif
-
-#if defined(BN_MP_TO_SIGNED_BIN_N_C)
-   #define BN_MP_SIGNED_BIN_SIZE_C
-   #define BN_MP_TO_SIGNED_BIN_C
-#endif
-
-#if defined(BN_MP_TO_UNSIGNED_BIN_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_ISZERO_C
-   #define BN_MP_DIV_2D_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_TO_UNSIGNED_BIN_N_C)
-   #define BN_MP_UNSIGNED_BIN_SIZE_C
-   #define BN_MP_TO_UNSIGNED_BIN_C
-#endif
-
-#if defined(BN_MP_TOOM_MUL_C)
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_MOD_2D_C
-   #define BN_MP_COPY_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_MUL_C
-   #define BN_MP_MUL_2_C
-   #define BN_MP_ADD_C
-   #define BN_MP_SUB_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_DIV_3_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_TOOM_SQR_C)
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_MOD_2D_C
-   #define BN_MP_COPY_C
-   #define BN_MP_RSHD_C
-   #define BN_MP_SQR_C
-   #define BN_MP_MUL_2_C
-   #define BN_MP_ADD_C
-   #define BN_MP_SUB_C
-   #define BN_MP_DIV_2_C
-   #define BN_MP_MUL_2D_C
-   #define BN_MP_MUL_D_C
-   #define BN_MP_DIV_3_C
-   #define BN_MP_LSHD_C
-   #define BN_MP_CLEAR_MULTI_C
-#endif
-
-#if defined(BN_MP_TORADIX_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_DIV_D_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_S_RMAP_C
-#endif
-
-#if defined(BN_MP_TORADIX_N_C)
-   #define BN_MP_ISZERO_C
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_DIV_D_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_S_RMAP_C
-#endif
-
-#if defined(BN_MP_UNSIGNED_BIN_SIZE_C)
-   #define BN_MP_COUNT_BITS_C
-#endif
-
-#if defined(BN_MP_XOR_C)
-   #define BN_MP_INIT_COPY_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_MP_ZERO_C)
-#endif
-
-#if defined(BN_PRIME_TAB_C)
-#endif
-
-#if defined(BN_REVERSE_C)
-#endif
-
-#if defined(BN_S_MP_ADD_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BN_S_MP_EXPTMOD_C)
-   #define BN_MP_COUNT_BITS_C
-   #define BN_MP_INIT_C
-   #define BN_MP_CLEAR_C
-   #define BN_MP_REDUCE_SETUP_C
-   #define BN_MP_REDUCE_C
-   #define BN_MP_REDUCE_2K_SETUP_L_C
-   #define BN_MP_REDUCE_2K_L_C
-   #define BN_MP_MOD_C
-   #define BN_MP_COPY_C
-   #define BN_MP_SQR_C
-   #define BN_MP_MUL_C
-   #define BN_MP_SET_C
-   #define BN_MP_EXCH_C
-#endif
-
-#if defined(BN_S_MP_MUL_DIGS_C)
-   #define BN_FAST_S_MP_MUL_DIGS_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_S_MP_MUL_HIGH_DIGS_C)
-   #define BN_FAST_S_MP_MUL_HIGH_DIGS_C
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_S_MP_SQR_C)
-   #define BN_MP_INIT_SIZE_C
-   #define BN_MP_CLAMP_C
-   #define BN_MP_EXCH_C
-   #define BN_MP_CLEAR_C
-#endif
-
-#if defined(BN_S_MP_SUB_C)
-   #define BN_MP_GROW_C
-   #define BN_MP_CLAMP_C
-#endif
-
-#if defined(BNCORE_C)
-#endif
-
-#ifdef LTM3
-#define LTM_LAST
-#endif
-#include <tommath_superclass.h>
-#include <tommath_class.h>
-#else
-#define LTM_LAST
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/headers/tommath_class.h,v $ */
-/* $Revision: 1.2 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
diff --git a/libtomcrypt/src/headers/tommath_superclass.h b/libtomcrypt/src/headers/tommath_superclass.h
deleted file mode 100644
index 89f3f57..0000000
--- a/libtomcrypt/src/headers/tommath_superclass.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/* super class file for PK algos */
-
-/* default ... include all MPI */
-#ifndef SC_RSA_1
-
-#define LTM_ALL
-
-#endif
-
-/* RSA only (does not support DH/DSA/ECC) */
-/* #define SC_RSA_1 */
-
-/* For reference.... On an Athlon64 optimizing for speed...
-
-   LTM's mpi.o with all functions [striped] is 142KiB in size.
-
-*/
-
-/* Works for RSA only, mpi.o is 68KiB */
-#ifdef SC_RSA_1
-   #define BN_MP_SHRINK_C
-   #define BN_MP_LCM_C
-   #define BN_MP_PRIME_RANDOM_EX_C
-   #define BN_MP_INVMOD_C
-   #define BN_MP_GCD_C
-   #define BN_MP_MOD_C
-   #define BN_MP_MULMOD_C
-   #define BN_MP_ADDMOD_C
-   #define BN_MP_EXPTMOD_C
-   #define BN_MP_SET_INT_C
-   #define BN_MP_INIT_MULTI_C
-   #define BN_MP_CLEAR_MULTI_C
-   #define BN_MP_UNSIGNED_BIN_SIZE_C
-   #define BN_MP_TO_UNSIGNED_BIN_C
-   #define BN_MP_MOD_D_C
-   #define BN_MP_PRIME_RABIN_MILLER_TRIALS_C
-   #define BN_REVERSE_C
-   #define BN_PRIME_TAB_C
-
-   /* other modifiers */
-   #define BN_MP_DIV_SMALL                    /* Slower division, not critical */
-
-   /* here we are on the last pass so we turn things off.  The functions classes are still there
-    * but we remove them specifically from the build.  This also invokes tweaks in functions
-    * like removing support for even moduli, etc...
-    */
-#ifdef LTM_LAST
-   #undef  BN_MP_TOOM_MUL_C
-   #undef  BN_MP_TOOM_SQR_C
-   #undef  BN_MP_KARATSUBA_MUL_C
-   #undef  BN_MP_KARATSUBA_SQR_C
-   #undef  BN_MP_REDUCE_C
-   #undef  BN_MP_REDUCE_SETUP_C
-   #undef  BN_MP_DR_IS_MODULUS_C
-   #undef  BN_MP_DR_SETUP_C
-   #undef  BN_MP_DR_REDUCE_C
-   #undef  BN_MP_REDUCE_IS_2K_C
-   #undef  BN_MP_REDUCE_2K_SETUP_C
-   #undef  BN_MP_REDUCE_2K_C
-   #undef  BN_S_MP_EXPTMOD_C
-   #undef  BN_MP_DIV_3_C
-   #undef  BN_S_MP_MUL_HIGH_DIGS_C
-   #undef  BN_FAST_S_MP_MUL_HIGH_DIGS_C
-   #undef  BN_FAST_MP_INVMOD_C
-
-   /* To safely undefine these you have to make sure your RSA key won't exceed the Comba threshold
-    * which is roughly 255 digits [7140 bits for 32-bit machines, 15300 bits for 64-bit machines] 
-    * which means roughly speaking you can handle upto 2536-bit RSA keys with these defined without
-    * trouble.  
-    */
-   #undef  BN_S_MP_MUL_DIGS_C
-   #undef  BN_S_MP_SQR_C
-   #undef  BN_MP_MONTGOMERY_REDUCE_C
-#endif
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/headers/tommath_superclass.h,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/14 13:27:20 $ */
diff --git a/libtomcrypt/src/mac/f9/f9_done.c b/libtomcrypt/src/mac/f9/f9_done.c
new file mode 100644
index 0000000..1794ecc
--- /dev/null
+++ b/libtomcrypt/src/mac/f9/f9_done.c
@@ -0,0 +1,77 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file f9_done.c
+  f9 Support, terminate the state
+*/
+
+#ifdef LTC_F9_MODE
+
+/** Terminate the f9-MAC state
+  @param f9     f9 state to terminate
+  @param out      [out] Destination for the MAC tag
+  @param outlen   [in/out] Destination size and final tag size
+  Return CRYPT_OK on success
+*/
+int f9_done(f9_state *f9, unsigned char *out, unsigned long *outlen)
+{
+   int err, x;
+   LTC_ARGCHK(f9 != NULL);
+   LTC_ARGCHK(out  != NULL);
+
+   /* check structure */
+   if ((err = cipher_is_valid(f9->cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   if ((f9->blocksize > cipher_descriptor[f9->cipher].block_length) || (f9->blocksize < 0) ||
+       (f9->buflen > f9->blocksize) || (f9->buflen < 0)) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   if (f9->buflen != 0) {
+      /* encrypt */
+      cipher_descriptor[f9->cipher].ecb_encrypt(f9->IV, f9->IV, &f9->key);
+      f9->buflen = 0;
+      for (x = 0; x < f9->blocksize; x++) {
+         f9->ACC[x] ^= f9->IV[x];
+      }
+   }
+
+   /* schedule modified key */
+   if ((err = cipher_descriptor[f9->cipher].setup(f9->akey, f9->keylen, 0, &f9->key)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* encrypt the ACC */
+   cipher_descriptor[f9->cipher].ecb_encrypt(f9->ACC, f9->ACC, &f9->key);
+   cipher_descriptor[f9->cipher].done(&f9->key);
+
+   /* extract tag */
+   for (x = 0; x < f9->blocksize && (unsigned long)x < *outlen; x++) {
+      out[x] = f9->ACC[x];
+   }
+   *outlen = x;
+  
+#ifdef LTC_CLEAN_STACK
+   zeromem(f9, sizeof(*f9));
+#endif
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/f9/f9_done.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/09 01:53:32 $ */
+
diff --git a/libtomcrypt/src/mac/f9/f9_file.c b/libtomcrypt/src/mac/f9/f9_file.c
new file mode 100644
index 0000000..4c53e76
--- /dev/null
+++ b/libtomcrypt/src/mac/f9/f9_file.c
@@ -0,0 +1,83 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/** 
+  @file f9_file.c
+  f9 support, process a file, Tom St Denis
+*/
+
+#ifdef LTC_F9_MODE
+
+/**
+   f9 a file
+   @param cipher   The index of the cipher desired
+   @param key      The secret key
+   @param keylen   The length of the secret key (octets)
+   @param filename The name of the file you wish to f9
+   @param out      [out] Where the authentication tag is to be stored
+   @param outlen   [in/out] The max size and resulting size of the authentication tag
+   @return CRYPT_OK if successful, CRYPT_NOP if file support has been disabled
+*/
+int f9_file(int cipher,
+              const unsigned char *key, unsigned long keylen,
+              const char *filename, 
+                    unsigned char *out, unsigned long *outlen)
+{
+#ifdef LTC_NO_FILE
+   return CRYPT_NOP;
+#else
+   int err, x;
+   f9_state f9;
+   FILE *in;
+   unsigned char buf[512];
+
+   LTC_ARGCHK(key      != NULL);
+   LTC_ARGCHK(filename != NULL);
+   LTC_ARGCHK(out      != NULL);
+   LTC_ARGCHK(outlen   != NULL);
+
+   in = fopen(filename, "rb");
+   if (in == NULL) {
+      return CRYPT_FILE_NOTFOUND;
+   }
+
+   if ((err = f9_init(&f9, cipher, key, keylen)) != CRYPT_OK) {
+      fclose(in);
+      return err;
+   }
+
+   do {
+      x = fread(buf, 1, sizeof(buf), in);
+      if ((err = f9_process(&f9, buf, x)) != CRYPT_OK) {
+         fclose(in);
+         return err;
+      }
+   } while (x == sizeof(buf));
+   fclose(in);
+
+   if ((err = f9_done(&f9,    out, outlen)) != CRYPT_OK) {
+      return err;
+   }
+
+#ifdef LTC_CLEAN_STACK
+   zeromem(buf, sizeof(buf));
+#endif
+
+   return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/f9/f9_file.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/21 00:18:23 $ */
diff --git a/libtomcrypt/src/mac/f9/f9_init.c b/libtomcrypt/src/mac/f9/f9_init.c
new file mode 100644
index 0000000..aefd8a7
--- /dev/null
+++ b/libtomcrypt/src/mac/f9/f9_init.c
@@ -0,0 +1,70 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file f9_init.c
+  F9 Support, start an F9 state
+*/
+
+#ifdef LTC_F9_MODE
+
+/** Initialize F9-MAC state
+  @param f9    [out] f9 state to initialize
+  @param cipher  Index of cipher to use
+  @param key     [in]  Secret key
+  @param keylen  Length of secret key in octets
+  Return CRYPT_OK on success
+*/
+int f9_init(f9_state *f9, int cipher, const unsigned char *key, unsigned long keylen)
+{
+   int            x, err;
+
+   LTC_ARGCHK(f9   != NULL);
+   LTC_ARGCHK(key  != NULL);
+
+   /* schedule the key */
+   if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+#ifdef LTC_FAST
+   if (cipher_descriptor[cipher].block_length % sizeof(LTC_FAST_TYPE)) {
+       return CRYPT_INVALID_ARG;
+   }
+#endif
+
+   if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, &f9->key)) != CRYPT_OK) {
+      goto done;
+   }
+   
+   /* make the second key */
+   for (x = 0; (unsigned)x < keylen; x++) {
+      f9->akey[x] = key[x] ^ 0xAA;
+   }
+ 
+   /* setup struct */
+   zeromem(f9->IV,  cipher_descriptor[cipher].block_length);
+   zeromem(f9->ACC, cipher_descriptor[cipher].block_length);
+   f9->blocksize = cipher_descriptor[cipher].block_length;
+   f9->cipher    = cipher;
+   f9->buflen    = 0;
+   f9->keylen    = keylen;
+done:
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/f9/f9_init.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/08 22:54:18 $ */
+
diff --git a/libtomcrypt/src/mac/f9/f9_memory.c b/libtomcrypt/src/mac/f9/f9_memory.c
new file mode 100644
index 0000000..2b3901a
--- /dev/null
+++ b/libtomcrypt/src/mac/f9/f9_memory.c
@@ -0,0 +1,71 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file f9_process.c
+  f9 Support, Process a block through F9-MAC
+*/
+
+#ifdef LTC_F9_MODE
+
+/** f9-MAC a block of memory 
+  @param cipher     Index of cipher to use
+  @param key        [in]  Secret key
+  @param keylen     Length of key in octets
+  @param in         [in]  Message to MAC
+  @param inlen      Length of input in octets
+  @param out        [out] Destination for the MAC tag
+  @param outlen     [in/out] Output size and final tag size
+  Return CRYPT_OK on success.
+*/
+int f9_memory(int cipher, 
+               const unsigned char *key, unsigned long keylen,
+               const unsigned char *in,  unsigned long inlen,
+                     unsigned char *out, unsigned long *outlen)
+{
+   f9_state *f9;
+   int         err;
+
+   /* is the cipher valid? */
+   if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* Use accelerator if found */
+   if (cipher_descriptor[cipher].f9_memory != NULL) {
+      return cipher_descriptor[cipher].f9_memory(key, keylen, in, inlen, out, outlen);
+   }
+
+   f9 = XCALLOC(1, sizeof(*f9));
+   if (f9 == NULL) {
+      return CRYPT_MEM;
+   }
+
+   if ((err = f9_init(f9, cipher, key, keylen)) != CRYPT_OK) {
+     goto done;
+   }
+
+   if ((err = f9_process(f9, in, inlen)) != CRYPT_OK) {
+     goto done;
+   }
+
+   err = f9_done(f9, out, outlen);
+done:
+   XFREE(f9);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/f9/f9_memory.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/21 23:02:42 $ */
diff --git a/libtomcrypt/src/mac/f9/f9_memory_multi.c b/libtomcrypt/src/mac/f9/f9_memory_multi.c
new file mode 100644
index 0000000..5b315f5
--- /dev/null
+++ b/libtomcrypt/src/mac/f9/f9_memory_multi.c
@@ -0,0 +1,90 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+#include <stdarg.h>
+
+/** 
+  @file f9_memory_multi.c
+  f9 support, process multiple blocks of memory, Tom St Denis
+*/
+
+#ifdef LTC_F9_MODE
+
+/**
+   f9 multiple blocks of memory 
+   @param cipher    The index of the desired cipher
+   @param key       The secret key
+   @param keylen    The length of the secret key (octets)
+   @param out       [out] The destination of the authentication tag
+   @param outlen    [in/out]  The max size and resulting size of the authentication tag (octets)
+   @param in        The data to send through f9
+   @param inlen     The length of the data to send through f9 (octets)
+   @param ...       tuples of (data,len) pairs to f9, terminated with a (NULL,x) (x=don't care)
+   @return CRYPT_OK if successful
+*/
+int f9_memory_multi(int cipher, 
+                const unsigned char *key, unsigned long keylen,
+                      unsigned char *out, unsigned long *outlen,
+                const unsigned char *in,  unsigned long inlen, ...)
+{
+   int                  err;
+   f9_state          *f9;
+   va_list              args;
+   const unsigned char *curptr;
+   unsigned long        curlen;
+
+   LTC_ARGCHK(key    != NULL);
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* allocate ram for f9 state */
+   f9 = XMALLOC(sizeof(f9_state));
+   if (f9 == NULL) {
+      return CRYPT_MEM;
+   }
+
+   /* f9 process the message */
+   if ((err = f9_init(f9, cipher, key, keylen)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+   va_start(args, inlen);
+   curptr = in; 
+   curlen = inlen;
+   for (;;) {
+      /* process buf */
+      if ((err = f9_process(f9, curptr, curlen)) != CRYPT_OK) {
+         goto LBL_ERR;
+      }
+      /* step to next */
+      curptr = va_arg(args, const unsigned char*);
+      if (curptr == NULL) {
+         break;
+      }
+      curlen = va_arg(args, unsigned long);
+   }
+   if ((err = f9_done(f9, out, outlen)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+   zeromem(f9, sizeof(f9_state));
+#endif
+   XFREE(f9);
+   va_end(args);
+   return err;   
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/f9/f9_memory_multi.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/11/08 21:50:13 $ */
diff --git a/libtomcrypt/src/mac/f9/f9_process.c b/libtomcrypt/src/mac/f9/f9_process.c
new file mode 100644
index 0000000..e8bd88b
--- /dev/null
+++ b/libtomcrypt/src/mac/f9/f9_process.c
@@ -0,0 +1,78 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file f9_process.c
+  f9 Support, process blocks with f9
+*/
+
+#ifdef LTC_F9_MODE
+
+/** Process data through f9-MAC
+  @param f9       The f9-MAC state
+  @param in       Input data to process
+  @param inlen    Length of input in octets
+  Return CRYPT_OK on success
+*/
+int f9_process(f9_state *f9, const unsigned char *in, unsigned long inlen)
+{
+   int err, x;
+
+   LTC_ARGCHK(f9 != NULL);
+   LTC_ARGCHK(in   != NULL);
+
+   /* check structure */
+   if ((err = cipher_is_valid(f9->cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   if ((f9->blocksize > cipher_descriptor[f9->cipher].block_length) || (f9->blocksize < 0) ||
+       (f9->buflen > f9->blocksize) || (f9->buflen < 0)) {
+      return CRYPT_INVALID_ARG;
+   }
+
+#ifdef LTC_FAST
+   if (f9->buflen == 0) {
+       while (inlen >= (unsigned long)f9->blocksize) {
+           for (x = 0; x < f9->blocksize; x += sizeof(LTC_FAST_TYPE)) {
+              *((LTC_FAST_TYPE*)&(f9->IV[x])) ^= *((LTC_FAST_TYPE*)&(in[x]));
+           }
+           cipher_descriptor[f9->cipher].ecb_encrypt(f9->IV, f9->IV, &f9->key);
+           for (x = 0; x < f9->blocksize; x += sizeof(LTC_FAST_TYPE)) {
+              *((LTC_FAST_TYPE*)&(f9->ACC[x])) ^= *((LTC_FAST_TYPE*)&(f9->IV[x]));
+           }
+           in    += f9->blocksize;
+           inlen -= f9->blocksize;
+       }
+  }
+#endif
+
+   while (inlen) {
+     if (f9->buflen == f9->blocksize) {
+         cipher_descriptor[f9->cipher].ecb_encrypt(f9->IV, f9->IV, &f9->key);
+         for (x = 0; x < f9->blocksize; x++) {
+            f9->ACC[x] ^= f9->IV[x];
+         }
+         f9->buflen = 0;
+     }
+     f9->IV[f9->buflen++] ^= *in++;
+     --inlen;
+  }
+  return CRYPT_OK;       
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/f9/f9_process.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/12/16 17:41:21 $ */
+
diff --git a/libtomcrypt/src/mac/f9/f9_test.c b/libtomcrypt/src/mac/f9/f9_test.c
new file mode 100644
index 0000000..4cddfe6
--- /dev/null
+++ b/libtomcrypt/src/mac/f9/f9_test.c
@@ -0,0 +1,78 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file f9_test.c
+  f9 Support, Test F9 mode 
+*/
+
+#ifdef LTC_F9_MODE
+
+/** Test f9-MAC mode
+  Return CRYPT_OK on succes
+*/
+int f9_test(void)
+{
+#ifdef LTC_NO_TEST
+   return CRYPT_NOP;
+#else
+   static const struct {
+       int msglen;
+       unsigned char K[16], M[128], T[4];
+   } tests[] = {
+{
+   20,
+   { 0x2B, 0xD6, 0x45, 0x9F, 0x82, 0xC5, 0xB3, 0x00, 0x95, 0x2C, 0x49, 0x10, 0x48, 0x81, 0xFF, 0x48 },
+   { 0x38, 0xA6, 0xF0, 0x56, 0xB8, 0xAE, 0xFD, 0xA9, 0x33, 0x32, 0x34, 0x62, 0x63, 0x39, 0x38, 0x61, 0x37, 0x34, 0x79, 0x40 },
+   { 0x46, 0xE0, 0x0D, 0x4B }
+},
+
+{
+   105,
+   { 0x83, 0xFD, 0x23, 0xA2, 0x44, 0xA7, 0x4C, 0xF3, 0x58, 0xDA, 0x30, 0x19, 0xF1, 0x72, 0x26, 0x35 },
+   { 0x36, 0xAF, 0x61, 0x44, 0x4F, 0x30, 0x2A, 0xD2, 
+     0x35, 0xC6, 0x87, 0x16, 0x63, 0x3C, 0x66, 0xFB, 0x75, 0x0C, 0x26, 0x68, 0x65, 0xD5, 0x3C, 0x11, 0xEA, 0x05, 0xB1, 0xE9, 0xFA, 0x49, 0xC8, 0x39, 0x8D, 0x48, 0xE1, 0xEF, 0xA5, 0x90, 0x9D, 0x39,
+     0x47, 0x90, 0x28, 0x37, 0xF5, 0xAE, 0x96, 0xD5, 0xA0, 0x5B, 0xC8, 0xD6, 0x1C, 0xA8, 0xDB, 0xEF, 0x1B, 0x13, 0xA4, 0xB4, 0xAB, 0xFE, 0x4F, 0xB1, 0x00, 0x60, 0x45, 0xB6, 0x74, 0xBB, 0x54, 0x72,
+     0x93, 0x04, 0xC3, 0x82, 0xBE, 0x53, 0xA5, 0xAF, 0x05, 0x55, 0x61, 0x76, 0xF6, 0xEA, 0xA2, 0xEF, 0x1D, 0x05, 0xE4, 0xB0, 0x83, 0x18, 0x1E, 0xE6, 0x74, 0xCD, 0xA5, 0xA4, 0x85, 0xF7, 0x4D, 0x7A,
+     0x40|0x80 },
+   { 0x95, 0xAE, 0x41, 0xBA },
+}
+};
+  unsigned char T[16];
+  unsigned long taglen;
+  int err, x, idx;
+
+  /* find kasumi */
+  if ((idx = find_cipher("kasumi")) == -1) {
+     return CRYPT_NOP;
+  }
+
+  for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+     taglen = 4;
+     if ((err = f9_memory(idx, tests[x].K, 16, tests[x].M, tests[x].msglen, T, &taglen)) != CRYPT_OK) {
+        return err;
+     }
+     if (taglen != 4 || XMEMCMP(T, tests[x].T, 4)) {
+        return CRYPT_FAIL_TESTVECTOR;
+     }
+  }
+
+  return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/f9/f9_test.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/21 23:02:42 $ */
+
diff --git a/libtomcrypt/src/mac/hmac/hmac_done.c b/libtomcrypt/src/mac/hmac/hmac_done.c
index f64d044..5ba541a 100644
--- a/libtomcrypt/src/mac/hmac/hmac_done.c
+++ b/libtomcrypt/src/mac/hmac/hmac_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   HMAC support, terminate stream, Tom St Denis/Dobes Vandermeer
 */
 
-#ifdef HMAC
+#ifdef LTC_HMAC
 
 #define HMAC_BLOCKSIZE hash_descriptor[hash].blocksize
 
@@ -105,5 +105,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_done.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/hmac/hmac_file.c b/libtomcrypt/src/mac/hmac/hmac_file.c
index f88d692..b296320 100644
--- a/libtomcrypt/src/mac/hmac/hmac_file.c
+++ b/libtomcrypt/src/mac/hmac/hmac_file.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   HMAC support, process a file, Tom St Denis/Dobes Vandermeer
 */
 
-#ifdef HMAC
+#ifdef LTC_HMAC
 
 /**
   HMAC a file
@@ -89,5 +89,5 @@ int hmac_file(int hash, const char *fname,
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_file.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/hmac/hmac_init.c b/libtomcrypt/src/mac/hmac/hmac_init.c
index e64d47f..2d61a9a 100644
--- a/libtomcrypt/src/mac/hmac/hmac_init.c
+++ b/libtomcrypt/src/mac/hmac/hmac_init.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   HMAC support, initialize state, Tom St Denis/Dobes Vandermeer 
 */
 
-#ifdef HMAC
+#ifdef LTC_HMAC
 
 #define HMAC_BLOCKSIZE hash_descriptor[hash].blocksize
 
@@ -108,5 +108,5 @@ done:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_init.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/hmac/hmac_memory.c b/libtomcrypt/src/mac/hmac/hmac_memory.c
index 99959f4..7dc364a 100644
--- a/libtomcrypt/src/mac/hmac/hmac_memory.c
+++ b/libtomcrypt/src/mac/hmac/hmac_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   HMAC support, process a block of memory, Tom St Denis/Dobes Vandermeer
 */
 
-#ifdef HMAC
+#ifdef LTC_HMAC
 
 /**
    HMAC a block of memory to produce the authentication tag
@@ -34,13 +34,24 @@ int hmac_memory(int hash,
                       unsigned char *out,  unsigned long *outlen)
 {
     hmac_state *hmac;
-    int err;
+    int         err;
 
     LTC_ARGCHK(key    != NULL);
-    LTC_ARGCHK(in   != NULL);
+    LTC_ARGCHK(in     != NULL);
     LTC_ARGCHK(out    != NULL); 
     LTC_ARGCHK(outlen != NULL);
 
+    /* make sure hash descriptor is valid */
+    if ((err = hash_is_valid(hash)) != CRYPT_OK) {
+       return err;
+    }
+
+    /* is there a descriptor? */
+    if (hash_descriptor[hash].hmac_block != NULL) {
+        return hash_descriptor[hash].hmac_block(key, keylen, in, inlen, out, outlen);
+    }
+
+    /* nope, so call the hmac functions */
     /* allocate ram for hmac state */
     hmac = XMALLOC(sizeof(hmac_state));
     if (hmac == NULL) {
@@ -73,5 +84,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_memory.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/hmac/hmac_memory_multi.c b/libtomcrypt/src/mac/hmac/hmac_memory_multi.c
index b7a6d96..2382502 100644
--- a/libtomcrypt/src/mac/hmac/hmac_memory_multi.c
+++ b/libtomcrypt/src/mac/hmac/hmac_memory_multi.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <stdarg.h>
@@ -16,7 +16,7 @@
   HMAC support, process multiple blocks of memory, Tom St Denis/Dobes Vandermeer
 */
 
-#ifdef HMAC
+#ifdef LTC_HMAC
 
 /**
    HMAC multiple blocks of memory to produce the authentication tag
@@ -88,5 +88,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_memory_multi.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/hmac/hmac_process.c b/libtomcrypt/src/mac/hmac/hmac_process.c
index 2919282..04b5ee2 100644
--- a/libtomcrypt/src/mac/hmac/hmac_process.c
+++ b/libtomcrypt/src/mac/hmac/hmac_process.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   HMAC support, process data, Tom St Denis/Dobes Vandermeer
 */
 
-#ifdef HMAC
+#ifdef LTC_HMAC
 
 /** 
   Process data through HMAC
@@ -39,5 +39,5 @@ int hmac_process(hmac_state *hmac, const unsigned char *in, unsigned long inlen)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_process.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/hmac/hmac_test.c b/libtomcrypt/src/mac/hmac/hmac_test.c
index 87758f5..4a03f87 100644
--- a/libtomcrypt/src/mac/hmac/hmac_test.c
+++ b/libtomcrypt/src/mac/hmac/hmac_test.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   HMAC support, self-test, Tom St Denis/Dobes Vandermeer
 */
 
-#ifdef HMAC
+#ifdef LTC_HMAC
 
 #define HMAC_BLOCKSIZE hash_descriptor[hash].blocksize
 
@@ -55,7 +55,7 @@ int hmac_test(void)
         3. Test Cases for HMAC-SHA-1
 
         test_case =     1
-        key =           0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
+        key =           0x0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c
         key_len =       20
         data =          "Hi Ther     20
         digest =        0x4c1a03424b55e07fe7f27be1d58bb9324a9a5a04
@@ -277,7 +277,7 @@ Key First"
             return err;
         }
 
-        if(memcmp(digest, cases[i].digest, (size_t)hash_descriptor[hash].hashsize) != 0)  {
+        if(XMEMCMP(digest, cases[i].digest, (size_t)hash_descriptor[hash].hashsize) != 0)  {
             failed++;
 #if 0
             unsigned int j;
@@ -312,5 +312,5 @@ Key First"
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/hmac/hmac_test.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/omac/omac_done.c b/libtomcrypt/src/mac/omac/omac_done.c
index 37292d5..7a0453b 100644
--- a/libtomcrypt/src/mac/omac/omac_done.c
+++ b/libtomcrypt/src/mac/omac/omac_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   OMAC1 support, terminate a stream, Tom St Denis
 */
 
-#ifdef OMAC
+#ifdef LTC_OMAC
 
 /**
   Terminate an OMAC stream
@@ -61,7 +61,9 @@ int omac_done(omac_state *omac, unsigned char *out, unsigned long *outlen)
    }
 
    /* encrypt it */
-   cipher_descriptor[omac->cipher_idx].ecb_encrypt(omac->block, omac->block, &omac->key);
+   if ((err = cipher_descriptor[omac->cipher_idx].ecb_encrypt(omac->block, omac->block, &omac->key)) != CRYPT_OK) {
+      return err;
+   }
    cipher_descriptor[omac->cipher_idx].done(&omac->key);
  
    /* output it */
@@ -80,5 +82,5 @@ int omac_done(omac_state *omac, unsigned char *out, unsigned long *outlen)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_done.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/omac/omac_file.c b/libtomcrypt/src/mac/omac/omac_file.c
index 63784b0..7117ae3 100644
--- a/libtomcrypt/src/mac/omac/omac_file.c
+++ b/libtomcrypt/src/mac/omac/omac_file.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   OMAC1 support, process a file, Tom St Denis
 */
 
-#ifdef OMAC
+#ifdef LTC_OMAC
 
 /**
    OMAC a file
@@ -79,5 +79,5 @@ int omac_file(int cipher,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_file.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/omac/omac_init.c b/libtomcrypt/src/mac/omac/omac_init.c
index 8866772..cbf26a2 100644
--- a/libtomcrypt/src/mac/omac/omac_init.c
+++ b/libtomcrypt/src/mac/omac/omac_init.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef OMAC
+#ifdef LTC_OMAC
 
 /**
    Initialize an OMAC state
@@ -63,7 +63,9 @@ int omac_init(omac_state *omac, int cipher, const unsigned char *key, unsigned l
 
    /* first calc L which is Ek(0) */
    zeromem(omac->Lu[0], cipher_descriptor[cipher].block_length);
-   cipher_descriptor[cipher].ecb_encrypt(omac->Lu[0], omac->Lu[0], &omac->key);
+   if ((err = cipher_descriptor[cipher].ecb_encrypt(omac->Lu[0], omac->Lu[0], &omac->key)) != CRYPT_OK) {
+      return err;
+   }
 
    /* now do the mults, whoopy! */
    for (x = 0; x < 2; x++) {
@@ -95,5 +97,5 @@ int omac_init(omac_state *omac, int cipher, const unsigned char *key, unsigned l
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_init.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/06/06 10:22:44 $ */
+/* $Revision: 1.10 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/omac/omac_memory.c b/libtomcrypt/src/mac/omac/omac_memory.c
index 3b1521c..50b2db0 100644
--- a/libtomcrypt/src/mac/omac/omac_memory.c
+++ b/libtomcrypt/src/mac/omac/omac_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   OMAC1 support, process a block of memory, Tom St Denis
 */
 
-#ifdef OMAC
+#ifdef LTC_OMAC
 
 /**
    OMAC a block of memory 
@@ -41,6 +41,16 @@ int omac_memory(int cipher,
    LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
 
+   /* is the cipher valid? */
+   if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* Use accelerator if found */
+   if (cipher_descriptor[cipher].omac_memory != NULL) {
+      return cipher_descriptor[cipher].omac_memory(key, keylen, in, inlen, out, outlen);
+   }
+
    /* allocate ram for omac state */
    omac = XMALLOC(sizeof(omac_state));
    if (omac == NULL) {
@@ -71,5 +81,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_memory.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/mac/omac/omac_memory_multi.c b/libtomcrypt/src/mac/omac/omac_memory_multi.c
index 52f7323..4445ca2 100644
--- a/libtomcrypt/src/mac/omac/omac_memory_multi.c
+++ b/libtomcrypt/src/mac/omac/omac_memory_multi.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <stdarg.h>
@@ -16,7 +16,7 @@
   OMAC1 support, process multiple blocks of memory, Tom St Denis
 */
 
-#ifdef OMAC
+#ifdef LTC_OMAC
 
 /**
    OMAC multiple blocks of memory 
@@ -86,5 +86,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_memory_multi.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/omac/omac_process.c b/libtomcrypt/src/mac/omac/omac_process.c
index ca3ec6b..f4b96f5 100644
--- a/libtomcrypt/src/mac/omac/omac_process.c
+++ b/libtomcrypt/src/mac/omac/omac_process.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef OMAC
+#ifdef LTC_OMAC
 
 /** 
    Process data through OMAC
@@ -49,7 +49,9 @@ int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen)
               *((LTC_FAST_TYPE*)(&omac->prev[y])) ^= *((LTC_FAST_TYPE*)(&in[y]));
           }
           in += 16;
-          cipher_descriptor[omac->cipher_idx].ecb_encrypt(omac->prev, omac->prev, &omac->key);
+          if ((err = cipher_descriptor[omac->cipher_idx].ecb_encrypt(omac->prev, omac->prev, &omac->key)) != CRYPT_OK) {
+             return err;
+          }
       }
       inlen -= x;
     }
@@ -61,7 +63,9 @@ int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen)
           for (x = 0; x < (unsigned long)omac->blklen; x++) {
               omac->block[x] ^= omac->prev[x];
           }
-          cipher_descriptor[omac->cipher_idx].ecb_encrypt(omac->block, omac->prev, &omac->key);
+          if ((err = cipher_descriptor[omac->cipher_idx].ecb_encrypt(omac->block, omac->prev, &omac->key)) != CRYPT_OK) {
+             return err;
+          }
           omac->buflen = 0;
        }
 
@@ -80,5 +84,5 @@ int omac_process(omac_state *omac, const unsigned char *in, unsigned long inlen)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_process.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/05/05 14:35:58 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/omac/omac_test.c b/libtomcrypt/src/mac/omac/omac_test.c
index 1bc9ead..3230a8c 100644
--- a/libtomcrypt/src/mac/omac/omac_test.c
+++ b/libtomcrypt/src/mac/omac/omac_test.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   OMAC1 support, self-test, by Tom St Denis
 */
 
-#ifdef OMAC
+#ifdef LTC_OMAC
 
 /**
   Test the OMAC setup
@@ -90,7 +90,7 @@ int omac_test(void)
           return err;
        }
 
-       if (memcmp(out, tests[x].tag, 16) != 0) {
+       if (XMEMCMP(out, tests[x].tag, 16) != 0) {
 #if 0
           int y;
           printf("\n\nTag: ");
@@ -106,5 +106,5 @@ int omac_test(void)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/omac/omac_test.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pelican/pelican.c b/libtomcrypt/src/mac/pelican/pelican.c
index 85bf9ee..734cd38 100644
--- a/libtomcrypt/src/mac/pelican/pelican.c
+++ b/libtomcrypt/src/mac/pelican/pelican.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -18,9 +18,9 @@
 #ifdef PELICAN
 
 #define ENCRYPT_ONLY
+#define PELI_TAB
 #include "../../ciphers/aes/aes_tab.c"
 
-
 /**
    Initialize a Pelican state
    @param pelmac    The Pelican state to initialize
@@ -161,5 +161,5 @@ int pelican_done(pelican_state *pelmac, unsigned char *out)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pelican/pelican.c,v $ */
-/* $Revision: 1.16 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.18 $ */
+/* $Date: 2006/04/02 13:19:10 $ */
diff --git a/libtomcrypt/src/mac/pelican/pelican_memory.c b/libtomcrypt/src/mac/pelican/pelican_memory.c
index 093340d..7dde843 100644
--- a/libtomcrypt/src/mac/pelican/pelican_memory.c
+++ b/libtomcrypt/src/mac/pelican/pelican_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -55,5 +55,5 @@ int pelican_memory(const unsigned char *key, unsigned long keylen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pelican/pelican_memory.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/mac/pelican/pelican_test.c b/libtomcrypt/src/mac/pelican/pelican_test.c
index 06ec3f0..3cff8ec 100644
--- a/libtomcrypt/src/mac/pelican/pelican_test.c
+++ b/libtomcrypt/src/mac/pelican/pelican_test.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -24,7 +24,7 @@ int pelican_test(void)
 #else
    static const struct {
         unsigned char K[32], MSG[64], T[16];
-	int keylen, ptlen;
+   int keylen, ptlen;
    } tests[] = {
 /* K=16, M=0 */
 {
@@ -99,7 +99,7 @@ int pelican_test(void)
           return err;
        }
 
-       if (memcmp(out, tests[x].T, 16)) {
+       if (XMEMCMP(out, tests[x].T, 16)) {
 #if 0
            int y;
            printf("\nFailed test %d\n", x);
@@ -116,5 +116,5 @@ int pelican_test(void)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pelican/pelican_test.c,v $ */
-/* $Revision: 1.9 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/21 00:18:23 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_done.c b/libtomcrypt/src/mac/pmac/pmac_done.c
index 09c430c..005f94f 100644
--- a/libtomcrypt/src/mac/pmac/pmac_done.c
+++ b/libtomcrypt/src/mac/pmac/pmac_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   PMAC implementation, terminate a session, by Tom St Denis 
 */
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 int pmac_done(pmac_state *state, unsigned char *out, unsigned long *outlen)
 {
@@ -49,11 +49,13 @@ int pmac_done(pmac_state *state, unsigned char *out, unsigned long *outlen)
    }
 
    /* encrypt it */
-   cipher_descriptor[state->cipher_idx].ecb_encrypt(state->checksum, state->checksum, &state->key);
+   if ((err = cipher_descriptor[state->cipher_idx].ecb_encrypt(state->checksum, state->checksum, &state->key)) != CRYPT_OK) {
+      return err;
+   }
    cipher_descriptor[state->cipher_idx].done(&state->key);
 
    /* store it */
-   for (x = 0; x < state->block_len && x <= (int)*outlen; x++) {
+   for (x = 0; x < state->block_len && x < (int)*outlen; x++) {
        out[x] = state->checksum[x];
    }
    *outlen = x;
@@ -68,5 +70,5 @@ int pmac_done(pmac_state *state, unsigned char *out, unsigned long *outlen)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_done.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_file.c b/libtomcrypt/src/mac/pmac/pmac_file.c
index 1034c6f..f8809e8 100644
--- a/libtomcrypt/src/mac/pmac/pmac_file.c
+++ b/libtomcrypt/src/mac/pmac/pmac_file.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    PMAC implementation, process a file, by Tom St Denis 
 */
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 /**
    PMAC a file 
@@ -80,5 +80,5 @@ int pmac_file(int cipher,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_file.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_init.c b/libtomcrypt/src/mac/pmac/pmac_init.c
index 5bd94a0..c842160 100644
--- a/libtomcrypt/src/mac/pmac/pmac_init.c
+++ b/libtomcrypt/src/mac/pmac/pmac_init.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    PMAC implementation, initialize state, by Tom St Denis 
 */
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 static const struct {
     int           len;
@@ -87,7 +87,9 @@ int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned l
 
    /* find L = E[0] */
    zeromem(L, pmac->block_len);
-   cipher_descriptor[cipher].ecb_encrypt(L, L, &pmac->key);
+   if ((err = cipher_descriptor[cipher].ecb_encrypt(L, L, &pmac->key)) != CRYPT_OK) {
+      goto error;
+   }
 
    /* find Ls[i] = L << i for i == 0..31 */
    XMEMCPY(pmac->Ls[0], L, pmac->block_len);
@@ -127,18 +129,19 @@ int pmac_init(pmac_state *pmac, int cipher, const unsigned char *key, unsigned l
     zeromem(pmac->block,    sizeof(pmac->block));
     zeromem(pmac->Li,       sizeof(pmac->Li));
     zeromem(pmac->checksum, sizeof(pmac->checksum));
-
+    err = CRYPT_OK;
+error:
 #ifdef LTC_CLEAN_STACK
     zeromem(L, pmac->block_len);
 #endif
 
     XFREE(L);
 
-    return CRYPT_OK;
+    return err;
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_init.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_memory.c b/libtomcrypt/src/mac/pmac/pmac_memory.c
index fcdef99..ca15e63 100644
--- a/libtomcrypt/src/mac/pmac/pmac_memory.c
+++ b/libtomcrypt/src/mac/pmac/pmac_memory.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    PMAC implementation, process a block of memory, by Tom St Denis 
 */
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 /**
    PMAC a block of memory
@@ -70,5 +70,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_memory.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_memory_multi.c b/libtomcrypt/src/mac/pmac/pmac_memory_multi.c
index 2cc8572..70e2398 100644
--- a/libtomcrypt/src/mac/pmac/pmac_memory_multi.c
+++ b/libtomcrypt/src/mac/pmac/pmac_memory_multi.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <stdarg.h>
@@ -16,7 +16,7 @@
    PMAC implementation, process multiple blocks of memory, by Tom St Denis 
 */
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 /**
    PMAC multiple blocks of memory
@@ -85,5 +85,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_memory_multi.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_ntz.c b/libtomcrypt/src/mac/pmac/pmac_ntz.c
index 7ec4550..8322563 100644
--- a/libtomcrypt/src/mac/pmac/pmac_ntz.c
+++ b/libtomcrypt/src/mac/pmac/pmac_ntz.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    PMAC implementation, internal function, by Tom St Denis 
 */
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 /**
   Internal PMAC function
@@ -35,5 +35,5 @@ int pmac_ntz(unsigned long x)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_ntz.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_process.c b/libtomcrypt/src/mac/pmac/pmac_process.c
index 9ebd44e..a191812 100644
--- a/libtomcrypt/src/mac/pmac/pmac_process.c
+++ b/libtomcrypt/src/mac/pmac/pmac_process.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 /**
   Process data in a PMAC stream
@@ -50,7 +50,9 @@ int pmac_process(pmac_state *pmac, const unsigned char *in, unsigned long inlen)
           for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
               *((LTC_FAST_TYPE*)(&Z[y])) = *((LTC_FAST_TYPE*)(&in[y])) ^ *((LTC_FAST_TYPE*)(&pmac->Li[y]));
           }
-          cipher_descriptor[pmac->cipher_idx].ecb_encrypt(Z, Z, &pmac->key);
+          if ((err = cipher_descriptor[pmac->cipher_idx].ecb_encrypt(Z, Z, &pmac->key)) != CRYPT_OK) {
+             return err;
+          }
           for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
               *((LTC_FAST_TYPE*)(&pmac->checksum[y])) ^= *((LTC_FAST_TYPE*)(&Z[y]));
           }
@@ -67,7 +69,9 @@ int pmac_process(pmac_state *pmac, const unsigned char *in, unsigned long inlen)
           for (x = 0; x < (unsigned long)pmac->block_len; x++) {
                Z[x] = pmac->Li[x] ^ pmac->block[x];
           }
-          cipher_descriptor[pmac->cipher_idx].ecb_encrypt(Z, Z, &pmac->key);
+          if ((err = cipher_descriptor[pmac->cipher_idx].ecb_encrypt(Z, Z, &pmac->key)) != CRYPT_OK) {
+             return err;
+           }
           for (x = 0; x < (unsigned long)pmac->block_len; x++) {
               pmac->checksum[x] ^= Z[x];
           }
@@ -92,5 +96,5 @@ int pmac_process(pmac_state *pmac, const unsigned char *in, unsigned long inlen)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_process.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_shift_xor.c b/libtomcrypt/src/mac/pmac/pmac_shift_xor.c
index f24c22b..694a423 100644
--- a/libtomcrypt/src/mac/pmac/pmac_shift_xor.c
+++ b/libtomcrypt/src/mac/pmac/pmac_shift_xor.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    PMAC implementation, internal function, by Tom St Denis 
 */
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 /**
   Internal function.  Performs the state update (adding correct multiple)
@@ -40,5 +40,5 @@ void pmac_shift_xor(pmac_state *pmac)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_shift_xor.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/pmac/pmac_test.c b/libtomcrypt/src/mac/pmac/pmac_test.c
index 6d88703..a635e15 100644
--- a/libtomcrypt/src/mac/pmac/pmac_test.c
+++ b/libtomcrypt/src/mac/pmac/pmac_test.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef PMAC
+#ifdef LTC_PMAC
 
 /** 
    Test the OMAC implementation
@@ -138,7 +138,7 @@ int pmac_test(void)
            return err;
         }
         
-        if (memcmp(outtag, tests[x].tag, len)) {
+        if (XMEMCMP(outtag, tests[x].tag, len)) {
 #if 0
            unsigned long y;
            printf("\nTAG:\n");
@@ -161,5 +161,5 @@ int pmac_test(void)
  
 
 /* $Source: /cvs/libtom/libtomcrypt/src/mac/pmac/pmac_test.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/03 00:39:49 $ */
diff --git a/libtomcrypt/src/mac/xcbc/xcbc_done.c b/libtomcrypt/src/mac/xcbc/xcbc_done.c
new file mode 100644
index 0000000..687c24d
--- /dev/null
+++ b/libtomcrypt/src/mac/xcbc/xcbc_done.c
@@ -0,0 +1,77 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file xcbc_done.c
+  XCBC Support, terminate the state
+*/
+
+#ifdef LTC_XCBC
+
+/** Terminate the XCBC-MAC state
+  @param xcbc     XCBC state to terminate
+  @param out      [out] Destination for the MAC tag
+  @param outlen   [in/out] Destination size and final tag size
+  Return CRYPT_OK on success
+*/
+int xcbc_done(xcbc_state *xcbc, unsigned char *out, unsigned long *outlen)
+{
+   int err, x;
+   LTC_ARGCHK(xcbc != NULL);
+   LTC_ARGCHK(out  != NULL);
+
+   /* check structure */
+   if ((err = cipher_is_valid(xcbc->cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   if ((xcbc->blocksize > cipher_descriptor[xcbc->cipher].block_length) || (xcbc->blocksize < 0) ||
+       (xcbc->buflen > xcbc->blocksize) || (xcbc->buflen < 0)) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* which key do we use? */
+   if (xcbc->buflen == xcbc->blocksize) {
+      /* k2 */
+      for (x = 0; x < xcbc->blocksize; x++) {
+         xcbc->IV[x] ^= xcbc->K[1][x];
+      }
+   } else {
+      xcbc->IV[xcbc->buflen] ^= 0x80;
+      /* k3 */
+      for (x = 0; x < xcbc->blocksize; x++) {
+         xcbc->IV[x] ^= xcbc->K[2][x];
+      }
+   }
+
+   /* encrypt */
+   cipher_descriptor[xcbc->cipher].ecb_encrypt(xcbc->IV, xcbc->IV, &xcbc->key);
+   cipher_descriptor[xcbc->cipher].done(&xcbc->key);
+
+   /* extract tag */
+   for (x = 0; x < xcbc->blocksize && (unsigned long)x < *outlen; x++) {
+      out[x] = xcbc->IV[x];
+   }
+   *outlen = x;
+  
+#ifdef LTC_CLEAN_STACK
+   zeromem(xcbc, sizeof(*xcbc));
+#endif
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/xcbc/xcbc_done.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/07 03:23:46 $ */
+
diff --git a/libtomcrypt/src/mac/xcbc/xcbc_file.c b/libtomcrypt/src/mac/xcbc/xcbc_file.c
new file mode 100644
index 0000000..4a8f7af
--- /dev/null
+++ b/libtomcrypt/src/mac/xcbc/xcbc_file.c
@@ -0,0 +1,83 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/** 
+  @file xcbc_file.c
+  XCBC support, process a file, Tom St Denis
+*/
+
+#ifdef LTC_XCBC
+
+/**
+   XCBC a file
+   @param cipher   The index of the cipher desired
+   @param key      The secret key
+   @param keylen   The length of the secret key (octets)
+   @param filename The name of the file you wish to XCBC
+   @param out      [out] Where the authentication tag is to be stored
+   @param outlen   [in/out] The max size and resulting size of the authentication tag
+   @return CRYPT_OK if successful, CRYPT_NOP if file support has been disabled
+*/
+int xcbc_file(int cipher, 
+              const unsigned char *key, unsigned long keylen,
+              const char *filename, 
+                    unsigned char *out, unsigned long *outlen)
+{
+#ifdef LTC_NO_FILE
+   return CRYPT_NOP;
+#else
+   int err, x;
+   xcbc_state xcbc;
+   FILE *in;
+   unsigned char buf[512];
+
+   LTC_ARGCHK(key      != NULL);
+   LTC_ARGCHK(filename != NULL);
+   LTC_ARGCHK(out      != NULL);
+   LTC_ARGCHK(outlen   != NULL);
+
+   in = fopen(filename, "rb");
+   if (in == NULL) {
+      return CRYPT_FILE_NOTFOUND;
+   }
+
+   if ((err = xcbc_init(&xcbc, cipher, key, keylen)) != CRYPT_OK) {
+      fclose(in);
+      return err;
+   }
+
+   do {
+      x = fread(buf, 1, sizeof(buf), in);
+      if ((err = xcbc_process(&xcbc, buf, x)) != CRYPT_OK) {
+         fclose(in);
+         return err;
+      }
+   } while (x == sizeof(buf));
+   fclose(in);
+
+   if ((err = xcbc_done(&xcbc, out, outlen)) != CRYPT_OK) {
+      return err;
+   }
+
+#ifdef LTC_CLEAN_STACK
+   zeromem(buf, sizeof(buf));
+#endif
+
+   return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/xcbc/xcbc_file.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2006/11/03 01:56:41 $ */
diff --git a/libtomcrypt/src/mac/xcbc/xcbc_init.c b/libtomcrypt/src/mac/xcbc/xcbc_init.c
new file mode 100644
index 0000000..3a0dcaf
--- /dev/null
+++ b/libtomcrypt/src/mac/xcbc/xcbc_init.c
@@ -0,0 +1,86 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file xcbc_init.c
+  XCBC Support, start an XCBC state
+*/
+
+#ifdef LTC_XCBC
+
+/** Initialize XCBC-MAC state
+  @param xcbc    [out] XCBC state to initialize
+  @param cipher  Index of cipher to use
+  @param key     [in]  Secret key
+  @param keylen  Length of secret key in octets
+  Return CRYPT_OK on success
+*/
+int xcbc_init(xcbc_state *xcbc, int cipher, const unsigned char *key, unsigned long keylen)
+{
+   int            x, y, err;
+   symmetric_key *skey;
+
+   LTC_ARGCHK(xcbc != NULL);
+   LTC_ARGCHK(key  != NULL);
+
+   /* schedule the key */
+   if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+#ifdef LTC_FAST
+   if (cipher_descriptor[cipher].block_length % sizeof(LTC_FAST_TYPE)) {
+       return CRYPT_INVALID_ARG;
+   }
+#endif
+
+   /* schedule the user key */
+   skey = XCALLOC(1, sizeof(*skey));
+   if (skey == NULL) {
+      return CRYPT_MEM;
+   }
+
+   if ((err = cipher_descriptor[cipher].setup(key, keylen, 0, skey)) != CRYPT_OK) {
+      goto done;
+   }
+   
+   /* make the three keys */
+   for (y = 0; y < 3; y++) {
+     for (x = 0; x < cipher_descriptor[cipher].block_length; x++) {
+        xcbc->K[y][x] = y + 1;
+     }
+     cipher_descriptor[cipher].ecb_encrypt(xcbc->K[y], xcbc->K[y], skey);
+   }
+
+   /* setup K1 */
+   err = cipher_descriptor[cipher].setup(xcbc->K[0], cipher_descriptor[cipher].block_length, 0, &xcbc->key);
+ 
+   /* setup struct */
+   zeromem(xcbc->IV, cipher_descriptor[cipher].block_length);
+   xcbc->blocksize = cipher_descriptor[cipher].block_length;
+   xcbc->cipher    = cipher;
+   xcbc->buflen    = 0;
+done:
+   cipher_descriptor[cipher].done(skey);
+#ifdef LTC_CLEAN_STACK
+   zeromem(skey, sizeof(*skey));
+#endif
+   XFREE(skey);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/xcbc/xcbc_init.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/07 03:23:46 $ */
+
diff --git a/libtomcrypt/src/mac/xcbc/xcbc_memory.c b/libtomcrypt/src/mac/xcbc/xcbc_memory.c
new file mode 100644
index 0000000..1826b6b
--- /dev/null
+++ b/libtomcrypt/src/mac/xcbc/xcbc_memory.c
@@ -0,0 +1,71 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file xcbc_process.c
+  XCBC Support, XCBC-MAC a block of memory
+*/
+
+#ifdef LTC_XCBC
+
+/** XCBC-MAC a block of memory 
+  @param cipher     Index of cipher to use
+  @param key        [in]  Secret key
+  @param keylen     Length of key in octets
+  @param in         [in]  Message to MAC
+  @param inlen      Length of input in octets
+  @param out        [out] Destination for the MAC tag
+  @param outlen     [in/out] Output size and final tag size
+  Return CRYPT_OK on success.
+*/
+int xcbc_memory(int cipher, 
+               const unsigned char *key, unsigned long keylen,
+               const unsigned char *in,  unsigned long inlen,
+                     unsigned char *out, unsigned long *outlen)
+{
+   xcbc_state *xcbc;
+   int         err;
+
+   /* is the cipher valid? */
+   if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* Use accelerator if found */
+   if (cipher_descriptor[cipher].xcbc_memory != NULL) {
+      return cipher_descriptor[cipher].xcbc_memory(key, keylen, in, inlen, out, outlen);
+   }
+
+   xcbc = XCALLOC(1, sizeof(*xcbc));
+   if (xcbc == NULL) {
+      return CRYPT_MEM;
+   }
+
+   if ((err = xcbc_init(xcbc, cipher, key, keylen)) != CRYPT_OK) {
+     goto done;
+   }
+
+   if ((err = xcbc_process(xcbc, in, inlen)) != CRYPT_OK) {
+     goto done;
+   }
+
+   err = xcbc_done(xcbc, out, outlen);
+done:
+   XFREE(xcbc);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/xcbc/xcbc_memory.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/21 23:02:42 $ */
diff --git a/libtomcrypt/src/mac/xcbc/xcbc_memory_multi.c b/libtomcrypt/src/mac/xcbc/xcbc_memory_multi.c
new file mode 100644
index 0000000..ccae9de
--- /dev/null
+++ b/libtomcrypt/src/mac/xcbc/xcbc_memory_multi.c
@@ -0,0 +1,90 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+#include <stdarg.h>
+
+/** 
+  @file xcbc_memory_multi.c
+  XCBC support, process multiple blocks of memory, Tom St Denis
+*/
+
+#ifdef LTC_XCBC
+
+/**
+   XCBC multiple blocks of memory 
+   @param cipher    The index of the desired cipher
+   @param key       The secret key
+   @param keylen    The length of the secret key (octets)
+   @param out       [out] The destination of the authentication tag
+   @param outlen    [in/out]  The max size and resulting size of the authentication tag (octets)
+   @param in        The data to send through XCBC
+   @param inlen     The length of the data to send through XCBC (octets)
+   @param ...       tuples of (data,len) pairs to XCBC, terminated with a (NULL,x) (x=don't care)
+   @return CRYPT_OK if successful
+*/
+int xcbc_memory_multi(int cipher, 
+                const unsigned char *key, unsigned long keylen,
+                      unsigned char *out, unsigned long *outlen,
+                const unsigned char *in,  unsigned long inlen, ...)
+{
+   int                  err;
+   xcbc_state          *xcbc;
+   va_list              args;
+   const unsigned char *curptr;
+   unsigned long        curlen;
+
+   LTC_ARGCHK(key    != NULL);
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* allocate ram for xcbc state */
+   xcbc = XMALLOC(sizeof(xcbc_state));
+   if (xcbc == NULL) {
+      return CRYPT_MEM;
+   }
+
+   /* xcbc process the message */
+   if ((err = xcbc_init(xcbc, cipher, key, keylen)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+   va_start(args, inlen);
+   curptr = in; 
+   curlen = inlen;
+   for (;;) {
+      /* process buf */
+      if ((err = xcbc_process(xcbc, curptr, curlen)) != CRYPT_OK) {
+         goto LBL_ERR;
+      }
+      /* step to next */
+      curptr = va_arg(args, const unsigned char*);
+      if (curptr == NULL) {
+         break;
+      }
+      curlen = va_arg(args, unsigned long);
+   }
+   if ((err = xcbc_done(xcbc, out, outlen)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+   zeromem(xcbc, sizeof(xcbc_state));
+#endif
+   XFREE(xcbc);
+   va_end(args);
+   return err;   
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/xcbc/xcbc_memory_multi.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2006/11/03 01:53:25 $ */
diff --git a/libtomcrypt/src/mac/xcbc/xcbc_process.c b/libtomcrypt/src/mac/xcbc/xcbc_process.c
new file mode 100644
index 0000000..4dd63b5
--- /dev/null
+++ b/libtomcrypt/src/mac/xcbc/xcbc_process.c
@@ -0,0 +1,75 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file xcbc_process.c
+  XCBC Support, process blocks with XCBC
+*/
+
+#ifdef LTC_XCBC
+
+/** Process data through XCBC-MAC
+  @param xcbc     The XCBC-MAC state
+  @param in       Input data to process
+  @param inlen    Length of input in octets
+  Return CRYPT_OK on success
+*/
+int xcbc_process(xcbc_state *xcbc, const unsigned char *in, unsigned long inlen)
+{
+   int err;
+#ifdef LTC_FAST
+   int x;
+#endif
+
+   LTC_ARGCHK(xcbc != NULL);
+   LTC_ARGCHK(in   != NULL);
+
+   /* check structure */
+   if ((err = cipher_is_valid(xcbc->cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   if ((xcbc->blocksize > cipher_descriptor[xcbc->cipher].block_length) || (xcbc->blocksize < 0) ||
+       (xcbc->buflen > xcbc->blocksize) || (xcbc->buflen < 0)) {
+      return CRYPT_INVALID_ARG;
+   }
+
+#ifdef LTC_FAST
+   if (xcbc->buflen == 0) {
+       while (inlen > (unsigned long)xcbc->blocksize) {
+           for (x = 0; x < xcbc->blocksize; x += sizeof(LTC_FAST_TYPE)) {
+              *((LTC_FAST_TYPE*)&(xcbc->IV[x])) ^= *((LTC_FAST_TYPE*)&(in[x]));
+           }
+           cipher_descriptor[xcbc->cipher].ecb_encrypt(xcbc->IV, xcbc->IV, &xcbc->key);
+           in    += xcbc->blocksize;
+           inlen -= xcbc->blocksize;
+       }
+  }
+#endif
+
+   while (inlen) {
+     if (xcbc->buflen == xcbc->blocksize) {
+         cipher_descriptor[xcbc->cipher].ecb_encrypt(xcbc->IV, xcbc->IV, &xcbc->key);
+         xcbc->buflen = 0;
+     }
+     xcbc->IV[xcbc->buflen++] ^= *in++;
+     --inlen;
+  }
+  return CRYPT_OK;       
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/xcbc/xcbc_process.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/11/09 22:43:52 $ */
+
diff --git a/libtomcrypt/src/mac/xcbc/xcbc_test.c b/libtomcrypt/src/mac/xcbc/xcbc_test.c
new file mode 100644
index 0000000..2c56c0a
--- /dev/null
+++ b/libtomcrypt/src/mac/xcbc/xcbc_test.c
@@ -0,0 +1,128 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file xcbc_test.c
+  XCBC Support, Test XCBC-MAC mode
+*/
+
+#ifdef LTC_XCBC
+
+/** Test XCBC-MAC mode
+  Return CRYPT_OK on succes
+*/
+int xcbc_test(void)
+{
+#ifdef LTC_NO_TEST
+   return CRYPT_NOP;
+#else
+   static const struct {
+       int msglen;
+       unsigned char K[16], M[34], T[16];
+   } tests[] = {
+{
+   0,
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
+     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+
+   { 0 },
+
+   { 0x75, 0xf0, 0x25, 0x1d, 0x52, 0x8a, 0xc0, 0x1c, 
+     0x45, 0x73, 0xdf, 0xd5, 0x84, 0xd7, 0x9f, 0x29 }
+},
+
+{
+   3,
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
+     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+
+   { 0x00, 0x01, 0x02 },
+
+   { 0x5b, 0x37, 0x65, 0x80, 0xae, 0x2f, 0x19, 0xaf, 
+     0xe7, 0x21, 0x9c, 0xee, 0xf1, 0x72, 0x75, 0x6f }
+},
+
+{
+   16,
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
+     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
+     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+
+   { 0xd2, 0xa2, 0x46, 0xfa, 0x34, 0x9b, 0x68, 0xa7, 
+     0x99, 0x98, 0xa4, 0x39, 0x4f, 0xf7, 0xa2, 0x63 }
+},
+
+{
+   32,
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
+     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
+     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 
+     0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+     0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f },
+
+   { 0xf5, 0x4f, 0x0e, 0xc8, 0xd2, 0xb9, 0xf3, 0xd3, 
+     0x68, 0x07, 0x73, 0x4b, 0xd5, 0x28, 0x3f, 0xd4 }
+},
+
+{
+   34,
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
+     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f },
+
+   { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
+     0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 
+     0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+     0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
+     0x20, 0x21 },
+
+   { 0xbe, 0xcb, 0xb3, 0xbc, 0xcd, 0xb5, 0x18, 0xa3, 
+     0x06, 0x77, 0xd5, 0x48, 0x1f, 0xb6, 0xb4, 0xd8 },
+},
+
+
+
+};
+  unsigned char T[16];
+  unsigned long taglen;
+  int err, x, idx;
+
+  /* AES can be under rijndael or aes... try to find it */ 
+  if ((idx = find_cipher("aes")) == -1) {
+     if ((idx = find_cipher("rijndael")) == -1) {
+        return CRYPT_NOP;
+     }
+  }
+
+  for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+     taglen = 16;
+     if ((err = xcbc_memory(idx, tests[x].K, 16, tests[x].M, tests[x].msglen, T, &taglen)) != CRYPT_OK) {
+        return err;
+     }
+     if (taglen != 16 || XMEMCMP(T, tests[x].T, 16)) {
+        return CRYPT_FAIL_TESTVECTOR;
+     }
+  }
+
+  return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/mac/xcbc/xcbc_test.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/21 23:02:42 $ */
+
diff --git a/libtomcrypt/src/math/fp/ltc_ecc_fp_mulmod.c b/libtomcrypt/src/math/fp/ltc_ecc_fp_mulmod.c
new file mode 100644
index 0000000..d3c02c3
--- /dev/null
+++ b/libtomcrypt/src/math/fp/ltc_ecc_fp_mulmod.c
@@ -0,0 +1,1314 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_fp_mulmod.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#if defined(MECC) && defined(MECC_FP)
+#include <limits.h>
+
+/* number of entries in the cache */
+#ifndef FP_ENTRIES
+#define FP_ENTRIES 16
+#endif
+
+/* number of bits in LUT */
+#ifndef FP_LUT
+#define FP_LUT     8U
+#endif
+
+#if (FP_LUT > 12) || (FP_LUT < 2)
+   #error FP_LUT must be between 2 and 12 inclusively
+#endif   
+
+/** Our FP cache */
+static struct {
+   ecc_point *g,              /* cached COPY of base point */
+             *LUT[1U<<FP_LUT]; /* fixed point lookup */ 
+   void      *mu;             /* copy of the montgomery constant */
+   int        lru_count;      /* amount of times this entry has been used */
+} fp_cache[FP_ENTRIES];
+
+LTC_MUTEX_GLOBAL(ltc_ecc_fp_lock)
+
+/* simple table to help direct the generation of the LUT */
+static const struct {
+   int ham, terma, termb;
+} lut_orders[] = {
+   { 0, 0, 0 }, { 1, 0, 0 }, { 1, 0, 0 }, { 2, 1, 2 }, { 1, 0, 0 }, { 2, 1, 4 }, { 2, 2, 4 }, { 3, 3, 4 }, 
+   { 1, 0, 0 }, { 2, 1, 8 }, { 2, 2, 8 }, { 3, 3, 8 }, { 2, 4, 8 }, { 3, 5, 8 }, { 3, 6, 8 }, { 4, 7, 8 }, 
+   { 1, 0, 0 }, { 2, 1, 16 }, { 2, 2, 16 }, { 3, 3, 16 }, { 2, 4, 16 }, { 3, 5, 16 }, { 3, 6, 16 }, { 4, 7, 16 }, 
+   { 2, 8, 16 }, { 3, 9, 16 }, { 3, 10, 16 }, { 4, 11, 16 }, { 3, 12, 16 }, { 4, 13, 16 }, { 4, 14, 16 }, { 5, 15, 16 }, 
+   { 1, 0, 0 }, { 2, 1, 32 }, { 2, 2, 32 }, { 3, 3, 32 }, { 2, 4, 32 }, { 3, 5, 32 }, { 3, 6, 32 }, { 4, 7, 32 }, 
+   { 2, 8, 32 }, { 3, 9, 32 }, { 3, 10, 32 }, { 4, 11, 32 }, { 3, 12, 32 }, { 4, 13, 32 }, { 4, 14, 32 }, { 5, 15, 32 }, 
+   { 2, 16, 32 }, { 3, 17, 32 }, { 3, 18, 32 }, { 4, 19, 32 }, { 3, 20, 32 }, { 4, 21, 32 }, { 4, 22, 32 }, { 5, 23, 32 }, 
+   { 3, 24, 32 }, { 4, 25, 32 }, { 4, 26, 32 }, { 5, 27, 32 }, { 4, 28, 32 }, { 5, 29, 32 }, { 5, 30, 32 }, { 6, 31, 32 }, 
+#if FP_LUT > 6
+   { 1, 0, 0 }, { 2, 1, 64 }, { 2, 2, 64 }, { 3, 3, 64 }, { 2, 4, 64 }, { 3, 5, 64 }, { 3, 6, 64 }, { 4, 7, 64 }, 
+   { 2, 8, 64 }, { 3, 9, 64 }, { 3, 10, 64 }, { 4, 11, 64 }, { 3, 12, 64 }, { 4, 13, 64 }, { 4, 14, 64 }, { 5, 15, 64 }, 
+   { 2, 16, 64 }, { 3, 17, 64 }, { 3, 18, 64 }, { 4, 19, 64 }, { 3, 20, 64 }, { 4, 21, 64 }, { 4, 22, 64 }, { 5, 23, 64 }, 
+   { 3, 24, 64 }, { 4, 25, 64 }, { 4, 26, 64 }, { 5, 27, 64 }, { 4, 28, 64 }, { 5, 29, 64 }, { 5, 30, 64 }, { 6, 31, 64 }, 
+   { 2, 32, 64 }, { 3, 33, 64 }, { 3, 34, 64 }, { 4, 35, 64 }, { 3, 36, 64 }, { 4, 37, 64 }, { 4, 38, 64 }, { 5, 39, 64 }, 
+   { 3, 40, 64 }, { 4, 41, 64 }, { 4, 42, 64 }, { 5, 43, 64 }, { 4, 44, 64 }, { 5, 45, 64 }, { 5, 46, 64 }, { 6, 47, 64 }, 
+   { 3, 48, 64 }, { 4, 49, 64 }, { 4, 50, 64 }, { 5, 51, 64 }, { 4, 52, 64 }, { 5, 53, 64 }, { 5, 54, 64 }, { 6, 55, 64 }, 
+   { 4, 56, 64 }, { 5, 57, 64 }, { 5, 58, 64 }, { 6, 59, 64 }, { 5, 60, 64 }, { 6, 61, 64 }, { 6, 62, 64 }, { 7, 63, 64 }, 
+#if FP_LUT > 7
+   { 1, 0, 0 }, { 2, 1, 128 }, { 2, 2, 128 }, { 3, 3, 128 }, { 2, 4, 128 }, { 3, 5, 128 }, { 3, 6, 128 }, { 4, 7, 128 }, 
+   { 2, 8, 128 }, { 3, 9, 128 }, { 3, 10, 128 }, { 4, 11, 128 }, { 3, 12, 128 }, { 4, 13, 128 }, { 4, 14, 128 }, { 5, 15, 128 }, 
+   { 2, 16, 128 }, { 3, 17, 128 }, { 3, 18, 128 }, { 4, 19, 128 }, { 3, 20, 128 }, { 4, 21, 128 }, { 4, 22, 128 }, { 5, 23, 128 }, 
+   { 3, 24, 128 }, { 4, 25, 128 }, { 4, 26, 128 }, { 5, 27, 128 }, { 4, 28, 128 }, { 5, 29, 128 }, { 5, 30, 128 }, { 6, 31, 128 }, 
+   { 2, 32, 128 }, { 3, 33, 128 }, { 3, 34, 128 }, { 4, 35, 128 }, { 3, 36, 128 }, { 4, 37, 128 }, { 4, 38, 128 }, { 5, 39, 128 }, 
+   { 3, 40, 128 }, { 4, 41, 128 }, { 4, 42, 128 }, { 5, 43, 128 }, { 4, 44, 128 }, { 5, 45, 128 }, { 5, 46, 128 }, { 6, 47, 128 }, 
+   { 3, 48, 128 }, { 4, 49, 128 }, { 4, 50, 128 }, { 5, 51, 128 }, { 4, 52, 128 }, { 5, 53, 128 }, { 5, 54, 128 }, { 6, 55, 128 }, 
+   { 4, 56, 128 }, { 5, 57, 128 }, { 5, 58, 128 }, { 6, 59, 128 }, { 5, 60, 128 }, { 6, 61, 128 }, { 6, 62, 128 }, { 7, 63, 128 }, 
+   { 2, 64, 128 }, { 3, 65, 128 }, { 3, 66, 128 }, { 4, 67, 128 }, { 3, 68, 128 }, { 4, 69, 128 }, { 4, 70, 128 }, { 5, 71, 128 }, 
+   { 3, 72, 128 }, { 4, 73, 128 }, { 4, 74, 128 }, { 5, 75, 128 }, { 4, 76, 128 }, { 5, 77, 128 }, { 5, 78, 128 }, { 6, 79, 128 }, 
+   { 3, 80, 128 }, { 4, 81, 128 }, { 4, 82, 128 }, { 5, 83, 128 }, { 4, 84, 128 }, { 5, 85, 128 }, { 5, 86, 128 }, { 6, 87, 128 }, 
+   { 4, 88, 128 }, { 5, 89, 128 }, { 5, 90, 128 }, { 6, 91, 128 }, { 5, 92, 128 }, { 6, 93, 128 }, { 6, 94, 128 }, { 7, 95, 128 }, 
+   { 3, 96, 128 }, { 4, 97, 128 }, { 4, 98, 128 }, { 5, 99, 128 }, { 4, 100, 128 }, { 5, 101, 128 }, { 5, 102, 128 }, { 6, 103, 128 }, 
+   { 4, 104, 128 }, { 5, 105, 128 }, { 5, 106, 128 }, { 6, 107, 128 }, { 5, 108, 128 }, { 6, 109, 128 }, { 6, 110, 128 }, { 7, 111, 128 }, 
+   { 4, 112, 128 }, { 5, 113, 128 }, { 5, 114, 128 }, { 6, 115, 128 }, { 5, 116, 128 }, { 6, 117, 128 }, { 6, 118, 128 }, { 7, 119, 128 }, 
+   { 5, 120, 128 }, { 6, 121, 128 }, { 6, 122, 128 }, { 7, 123, 128 }, { 6, 124, 128 }, { 7, 125, 128 }, { 7, 126, 128 }, { 8, 127, 128 }, 
+#if FP_LUT > 8
+   { 1, 0, 0 }, { 2, 1, 256 }, { 2, 2, 256 }, { 3, 3, 256 }, { 2, 4, 256 }, { 3, 5, 256 }, { 3, 6, 256 }, { 4, 7, 256 }, 
+   { 2, 8, 256 }, { 3, 9, 256 }, { 3, 10, 256 }, { 4, 11, 256 }, { 3, 12, 256 }, { 4, 13, 256 }, { 4, 14, 256 }, { 5, 15, 256 }, 
+   { 2, 16, 256 }, { 3, 17, 256 }, { 3, 18, 256 }, { 4, 19, 256 }, { 3, 20, 256 }, { 4, 21, 256 }, { 4, 22, 256 }, { 5, 23, 256 }, 
+   { 3, 24, 256 }, { 4, 25, 256 }, { 4, 26, 256 }, { 5, 27, 256 }, { 4, 28, 256 }, { 5, 29, 256 }, { 5, 30, 256 }, { 6, 31, 256 }, 
+   { 2, 32, 256 }, { 3, 33, 256 }, { 3, 34, 256 }, { 4, 35, 256 }, { 3, 36, 256 }, { 4, 37, 256 }, { 4, 38, 256 }, { 5, 39, 256 }, 
+   { 3, 40, 256 }, { 4, 41, 256 }, { 4, 42, 256 }, { 5, 43, 256 }, { 4, 44, 256 }, { 5, 45, 256 }, { 5, 46, 256 }, { 6, 47, 256 }, 
+   { 3, 48, 256 }, { 4, 49, 256 }, { 4, 50, 256 }, { 5, 51, 256 }, { 4, 52, 256 }, { 5, 53, 256 }, { 5, 54, 256 }, { 6, 55, 256 }, 
+   { 4, 56, 256 }, { 5, 57, 256 }, { 5, 58, 256 }, { 6, 59, 256 }, { 5, 60, 256 }, { 6, 61, 256 }, { 6, 62, 256 }, { 7, 63, 256 }, 
+   { 2, 64, 256 }, { 3, 65, 256 }, { 3, 66, 256 }, { 4, 67, 256 }, { 3, 68, 256 }, { 4, 69, 256 }, { 4, 70, 256 }, { 5, 71, 256 }, 
+   { 3, 72, 256 }, { 4, 73, 256 }, { 4, 74, 256 }, { 5, 75, 256 }, { 4, 76, 256 }, { 5, 77, 256 }, { 5, 78, 256 }, { 6, 79, 256 }, 
+   { 3, 80, 256 }, { 4, 81, 256 }, { 4, 82, 256 }, { 5, 83, 256 }, { 4, 84, 256 }, { 5, 85, 256 }, { 5, 86, 256 }, { 6, 87, 256 }, 
+   { 4, 88, 256 }, { 5, 89, 256 }, { 5, 90, 256 }, { 6, 91, 256 }, { 5, 92, 256 }, { 6, 93, 256 }, { 6, 94, 256 }, { 7, 95, 256 }, 
+   { 3, 96, 256 }, { 4, 97, 256 }, { 4, 98, 256 }, { 5, 99, 256 }, { 4, 100, 256 }, { 5, 101, 256 }, { 5, 102, 256 }, { 6, 103, 256 }, 
+   { 4, 104, 256 }, { 5, 105, 256 }, { 5, 106, 256 }, { 6, 107, 256 }, { 5, 108, 256 }, { 6, 109, 256 }, { 6, 110, 256 }, { 7, 111, 256 }, 
+   { 4, 112, 256 }, { 5, 113, 256 }, { 5, 114, 256 }, { 6, 115, 256 }, { 5, 116, 256 }, { 6, 117, 256 }, { 6, 118, 256 }, { 7, 119, 256 }, 
+   { 5, 120, 256 }, { 6, 121, 256 }, { 6, 122, 256 }, { 7, 123, 256 }, { 6, 124, 256 }, { 7, 125, 256 }, { 7, 126, 256 }, { 8, 127, 256 }, 
+   { 2, 128, 256 }, { 3, 129, 256 }, { 3, 130, 256 }, { 4, 131, 256 }, { 3, 132, 256 }, { 4, 133, 256 }, { 4, 134, 256 }, { 5, 135, 256 }, 
+   { 3, 136, 256 }, { 4, 137, 256 }, { 4, 138, 256 }, { 5, 139, 256 }, { 4, 140, 256 }, { 5, 141, 256 }, { 5, 142, 256 }, { 6, 143, 256 }, 
+   { 3, 144, 256 }, { 4, 145, 256 }, { 4, 146, 256 }, { 5, 147, 256 }, { 4, 148, 256 }, { 5, 149, 256 }, { 5, 150, 256 }, { 6, 151, 256 }, 
+   { 4, 152, 256 }, { 5, 153, 256 }, { 5, 154, 256 }, { 6, 155, 256 }, { 5, 156, 256 }, { 6, 157, 256 }, { 6, 158, 256 }, { 7, 159, 256 }, 
+   { 3, 160, 256 }, { 4, 161, 256 }, { 4, 162, 256 }, { 5, 163, 256 }, { 4, 164, 256 }, { 5, 165, 256 }, { 5, 166, 256 }, { 6, 167, 256 }, 
+   { 4, 168, 256 }, { 5, 169, 256 }, { 5, 170, 256 }, { 6, 171, 256 }, { 5, 172, 256 }, { 6, 173, 256 }, { 6, 174, 256 }, { 7, 175, 256 }, 
+   { 4, 176, 256 }, { 5, 177, 256 }, { 5, 178, 256 }, { 6, 179, 256 }, { 5, 180, 256 }, { 6, 181, 256 }, { 6, 182, 256 }, { 7, 183, 256 }, 
+   { 5, 184, 256 }, { 6, 185, 256 }, { 6, 186, 256 }, { 7, 187, 256 }, { 6, 188, 256 }, { 7, 189, 256 }, { 7, 190, 256 }, { 8, 191, 256 }, 
+   { 3, 192, 256 }, { 4, 193, 256 }, { 4, 194, 256 }, { 5, 195, 256 }, { 4, 196, 256 }, { 5, 197, 256 }, { 5, 198, 256 }, { 6, 199, 256 }, 
+   { 4, 200, 256 }, { 5, 201, 256 }, { 5, 202, 256 }, { 6, 203, 256 }, { 5, 204, 256 }, { 6, 205, 256 }, { 6, 206, 256 }, { 7, 207, 256 }, 
+   { 4, 208, 256 }, { 5, 209, 256 }, { 5, 210, 256 }, { 6, 211, 256 }, { 5, 212, 256 }, { 6, 213, 256 }, { 6, 214, 256 }, { 7, 215, 256 }, 
+   { 5, 216, 256 }, { 6, 217, 256 }, { 6, 218, 256 }, { 7, 219, 256 }, { 6, 220, 256 }, { 7, 221, 256 }, { 7, 222, 256 }, { 8, 223, 256 }, 
+   { 4, 224, 256 }, { 5, 225, 256 }, { 5, 226, 256 }, { 6, 227, 256 }, { 5, 228, 256 }, { 6, 229, 256 }, { 6, 230, 256 }, { 7, 231, 256 }, 
+   { 5, 232, 256 }, { 6, 233, 256 }, { 6, 234, 256 }, { 7, 235, 256 }, { 6, 236, 256 }, { 7, 237, 256 }, { 7, 238, 256 }, { 8, 239, 256 }, 
+   { 5, 240, 256 }, { 6, 241, 256 }, { 6, 242, 256 }, { 7, 243, 256 }, { 6, 244, 256 }, { 7, 245, 256 }, { 7, 246, 256 }, { 8, 247, 256 }, 
+   { 6, 248, 256 }, { 7, 249, 256 }, { 7, 250, 256 }, { 8, 251, 256 }, { 7, 252, 256 }, { 8, 253, 256 }, { 8, 254, 256 }, { 9, 255, 256 }, 
+#if FP_LUT > 9
+   { 1, 0, 0 }, { 2, 1, 512 }, { 2, 2, 512 }, { 3, 3, 512 }, { 2, 4, 512 }, { 3, 5, 512 }, { 3, 6, 512 }, { 4, 7, 512 }, 
+   { 2, 8, 512 }, { 3, 9, 512 }, { 3, 10, 512 }, { 4, 11, 512 }, { 3, 12, 512 }, { 4, 13, 512 }, { 4, 14, 512 }, { 5, 15, 512 }, 
+   { 2, 16, 512 }, { 3, 17, 512 }, { 3, 18, 512 }, { 4, 19, 512 }, { 3, 20, 512 }, { 4, 21, 512 }, { 4, 22, 512 }, { 5, 23, 512 }, 
+   { 3, 24, 512 }, { 4, 25, 512 }, { 4, 26, 512 }, { 5, 27, 512 }, { 4, 28, 512 }, { 5, 29, 512 }, { 5, 30, 512 }, { 6, 31, 512 }, 
+   { 2, 32, 512 }, { 3, 33, 512 }, { 3, 34, 512 }, { 4, 35, 512 }, { 3, 36, 512 }, { 4, 37, 512 }, { 4, 38, 512 }, { 5, 39, 512 }, 
+   { 3, 40, 512 }, { 4, 41, 512 }, { 4, 42, 512 }, { 5, 43, 512 }, { 4, 44, 512 }, { 5, 45, 512 }, { 5, 46, 512 }, { 6, 47, 512 }, 
+   { 3, 48, 512 }, { 4, 49, 512 }, { 4, 50, 512 }, { 5, 51, 512 }, { 4, 52, 512 }, { 5, 53, 512 }, { 5, 54, 512 }, { 6, 55, 512 }, 
+   { 4, 56, 512 }, { 5, 57, 512 }, { 5, 58, 512 }, { 6, 59, 512 }, { 5, 60, 512 }, { 6, 61, 512 }, { 6, 62, 512 }, { 7, 63, 512 }, 
+   { 2, 64, 512 }, { 3, 65, 512 }, { 3, 66, 512 }, { 4, 67, 512 }, { 3, 68, 512 }, { 4, 69, 512 }, { 4, 70, 512 }, { 5, 71, 512 }, 
+   { 3, 72, 512 }, { 4, 73, 512 }, { 4, 74, 512 }, { 5, 75, 512 }, { 4, 76, 512 }, { 5, 77, 512 }, { 5, 78, 512 }, { 6, 79, 512 }, 
+   { 3, 80, 512 }, { 4, 81, 512 }, { 4, 82, 512 }, { 5, 83, 512 }, { 4, 84, 512 }, { 5, 85, 512 }, { 5, 86, 512 }, { 6, 87, 512 }, 
+   { 4, 88, 512 }, { 5, 89, 512 }, { 5, 90, 512 }, { 6, 91, 512 }, { 5, 92, 512 }, { 6, 93, 512 }, { 6, 94, 512 }, { 7, 95, 512 }, 
+   { 3, 96, 512 }, { 4, 97, 512 }, { 4, 98, 512 }, { 5, 99, 512 }, { 4, 100, 512 }, { 5, 101, 512 }, { 5, 102, 512 }, { 6, 103, 512 }, 
+   { 4, 104, 512 }, { 5, 105, 512 }, { 5, 106, 512 }, { 6, 107, 512 }, { 5, 108, 512 }, { 6, 109, 512 }, { 6, 110, 512 }, { 7, 111, 512 }, 
+   { 4, 112, 512 }, { 5, 113, 512 }, { 5, 114, 512 }, { 6, 115, 512 }, { 5, 116, 512 }, { 6, 117, 512 }, { 6, 118, 512 }, { 7, 119, 512 }, 
+   { 5, 120, 512 }, { 6, 121, 512 }, { 6, 122, 512 }, { 7, 123, 512 }, { 6, 124, 512 }, { 7, 125, 512 }, { 7, 126, 512 }, { 8, 127, 512 }, 
+   { 2, 128, 512 }, { 3, 129, 512 }, { 3, 130, 512 }, { 4, 131, 512 }, { 3, 132, 512 }, { 4, 133, 512 }, { 4, 134, 512 }, { 5, 135, 512 }, 
+   { 3, 136, 512 }, { 4, 137, 512 }, { 4, 138, 512 }, { 5, 139, 512 }, { 4, 140, 512 }, { 5, 141, 512 }, { 5, 142, 512 }, { 6, 143, 512 }, 
+   { 3, 144, 512 }, { 4, 145, 512 }, { 4, 146, 512 }, { 5, 147, 512 }, { 4, 148, 512 }, { 5, 149, 512 }, { 5, 150, 512 }, { 6, 151, 512 }, 
+   { 4, 152, 512 }, { 5, 153, 512 }, { 5, 154, 512 }, { 6, 155, 512 }, { 5, 156, 512 }, { 6, 157, 512 }, { 6, 158, 512 }, { 7, 159, 512 }, 
+   { 3, 160, 512 }, { 4, 161, 512 }, { 4, 162, 512 }, { 5, 163, 512 }, { 4, 164, 512 }, { 5, 165, 512 }, { 5, 166, 512 }, { 6, 167, 512 }, 
+   { 4, 168, 512 }, { 5, 169, 512 }, { 5, 170, 512 }, { 6, 171, 512 }, { 5, 172, 512 }, { 6, 173, 512 }, { 6, 174, 512 }, { 7, 175, 512 }, 
+   { 4, 176, 512 }, { 5, 177, 512 }, { 5, 178, 512 }, { 6, 179, 512 }, { 5, 180, 512 }, { 6, 181, 512 }, { 6, 182, 512 }, { 7, 183, 512 }, 
+   { 5, 184, 512 }, { 6, 185, 512 }, { 6, 186, 512 }, { 7, 187, 512 }, { 6, 188, 512 }, { 7, 189, 512 }, { 7, 190, 512 }, { 8, 191, 512 }, 
+   { 3, 192, 512 }, { 4, 193, 512 }, { 4, 194, 512 }, { 5, 195, 512 }, { 4, 196, 512 }, { 5, 197, 512 }, { 5, 198, 512 }, { 6, 199, 512 }, 
+   { 4, 200, 512 }, { 5, 201, 512 }, { 5, 202, 512 }, { 6, 203, 512 }, { 5, 204, 512 }, { 6, 205, 512 }, { 6, 206, 512 }, { 7, 207, 512 }, 
+   { 4, 208, 512 }, { 5, 209, 512 }, { 5, 210, 512 }, { 6, 211, 512 }, { 5, 212, 512 }, { 6, 213, 512 }, { 6, 214, 512 }, { 7, 215, 512 }, 
+   { 5, 216, 512 }, { 6, 217, 512 }, { 6, 218, 512 }, { 7, 219, 512 }, { 6, 220, 512 }, { 7, 221, 512 }, { 7, 222, 512 }, { 8, 223, 512 }, 
+   { 4, 224, 512 }, { 5, 225, 512 }, { 5, 226, 512 }, { 6, 227, 512 }, { 5, 228, 512 }, { 6, 229, 512 }, { 6, 230, 512 }, { 7, 231, 512 }, 
+   { 5, 232, 512 }, { 6, 233, 512 }, { 6, 234, 512 }, { 7, 235, 512 }, { 6, 236, 512 }, { 7, 237, 512 }, { 7, 238, 512 }, { 8, 239, 512 }, 
+   { 5, 240, 512 }, { 6, 241, 512 }, { 6, 242, 512 }, { 7, 243, 512 }, { 6, 244, 512 }, { 7, 245, 512 }, { 7, 246, 512 }, { 8, 247, 512 }, 
+   { 6, 248, 512 }, { 7, 249, 512 }, { 7, 250, 512 }, { 8, 251, 512 }, { 7, 252, 512 }, { 8, 253, 512 }, { 8, 254, 512 }, { 9, 255, 512 }, 
+   { 2, 256, 512 }, { 3, 257, 512 }, { 3, 258, 512 }, { 4, 259, 512 }, { 3, 260, 512 }, { 4, 261, 512 }, { 4, 262, 512 }, { 5, 263, 512 }, 
+   { 3, 264, 512 }, { 4, 265, 512 }, { 4, 266, 512 }, { 5, 267, 512 }, { 4, 268, 512 }, { 5, 269, 512 }, { 5, 270, 512 }, { 6, 271, 512 }, 
+   { 3, 272, 512 }, { 4, 273, 512 }, { 4, 274, 512 }, { 5, 275, 512 }, { 4, 276, 512 }, { 5, 277, 512 }, { 5, 278, 512 }, { 6, 279, 512 }, 
+   { 4, 280, 512 }, { 5, 281, 512 }, { 5, 282, 512 }, { 6, 283, 512 }, { 5, 284, 512 }, { 6, 285, 512 }, { 6, 286, 512 }, { 7, 287, 512 }, 
+   { 3, 288, 512 }, { 4, 289, 512 }, { 4, 290, 512 }, { 5, 291, 512 }, { 4, 292, 512 }, { 5, 293, 512 }, { 5, 294, 512 }, { 6, 295, 512 }, 
+   { 4, 296, 512 }, { 5, 297, 512 }, { 5, 298, 512 }, { 6, 299, 512 }, { 5, 300, 512 }, { 6, 301, 512 }, { 6, 302, 512 }, { 7, 303, 512 }, 
+   { 4, 304, 512 }, { 5, 305, 512 }, { 5, 306, 512 }, { 6, 307, 512 }, { 5, 308, 512 }, { 6, 309, 512 }, { 6, 310, 512 }, { 7, 311, 512 }, 
+   { 5, 312, 512 }, { 6, 313, 512 }, { 6, 314, 512 }, { 7, 315, 512 }, { 6, 316, 512 }, { 7, 317, 512 }, { 7, 318, 512 }, { 8, 319, 512 }, 
+   { 3, 320, 512 }, { 4, 321, 512 }, { 4, 322, 512 }, { 5, 323, 512 }, { 4, 324, 512 }, { 5, 325, 512 }, { 5, 326, 512 }, { 6, 327, 512 }, 
+   { 4, 328, 512 }, { 5, 329, 512 }, { 5, 330, 512 }, { 6, 331, 512 }, { 5, 332, 512 }, { 6, 333, 512 }, { 6, 334, 512 }, { 7, 335, 512 }, 
+   { 4, 336, 512 }, { 5, 337, 512 }, { 5, 338, 512 }, { 6, 339, 512 }, { 5, 340, 512 }, { 6, 341, 512 }, { 6, 342, 512 }, { 7, 343, 512 }, 
+   { 5, 344, 512 }, { 6, 345, 512 }, { 6, 346, 512 }, { 7, 347, 512 }, { 6, 348, 512 }, { 7, 349, 512 }, { 7, 350, 512 }, { 8, 351, 512 }, 
+   { 4, 352, 512 }, { 5, 353, 512 }, { 5, 354, 512 }, { 6, 355, 512 }, { 5, 356, 512 }, { 6, 357, 512 }, { 6, 358, 512 }, { 7, 359, 512 }, 
+   { 5, 360, 512 }, { 6, 361, 512 }, { 6, 362, 512 }, { 7, 363, 512 }, { 6, 364, 512 }, { 7, 365, 512 }, { 7, 366, 512 }, { 8, 367, 512 }, 
+   { 5, 368, 512 }, { 6, 369, 512 }, { 6, 370, 512 }, { 7, 371, 512 }, { 6, 372, 512 }, { 7, 373, 512 }, { 7, 374, 512 }, { 8, 375, 512 }, 
+   { 6, 376, 512 }, { 7, 377, 512 }, { 7, 378, 512 }, { 8, 379, 512 }, { 7, 380, 512 }, { 8, 381, 512 }, { 8, 382, 512 }, { 9, 383, 512 }, 
+   { 3, 384, 512 }, { 4, 385, 512 }, { 4, 386, 512 }, { 5, 387, 512 }, { 4, 388, 512 }, { 5, 389, 512 }, { 5, 390, 512 }, { 6, 391, 512 }, 
+   { 4, 392, 512 }, { 5, 393, 512 }, { 5, 394, 512 }, { 6, 395, 512 }, { 5, 396, 512 }, { 6, 397, 512 }, { 6, 398, 512 }, { 7, 399, 512 }, 
+   { 4, 400, 512 }, { 5, 401, 512 }, { 5, 402, 512 }, { 6, 403, 512 }, { 5, 404, 512 }, { 6, 405, 512 }, { 6, 406, 512 }, { 7, 407, 512 }, 
+   { 5, 408, 512 }, { 6, 409, 512 }, { 6, 410, 512 }, { 7, 411, 512 }, { 6, 412, 512 }, { 7, 413, 512 }, { 7, 414, 512 }, { 8, 415, 512 }, 
+   { 4, 416, 512 }, { 5, 417, 512 }, { 5, 418, 512 }, { 6, 419, 512 }, { 5, 420, 512 }, { 6, 421, 512 }, { 6, 422, 512 }, { 7, 423, 512 }, 
+   { 5, 424, 512 }, { 6, 425, 512 }, { 6, 426, 512 }, { 7, 427, 512 }, { 6, 428, 512 }, { 7, 429, 512 }, { 7, 430, 512 }, { 8, 431, 512 }, 
+   { 5, 432, 512 }, { 6, 433, 512 }, { 6, 434, 512 }, { 7, 435, 512 }, { 6, 436, 512 }, { 7, 437, 512 }, { 7, 438, 512 }, { 8, 439, 512 }, 
+   { 6, 440, 512 }, { 7, 441, 512 }, { 7, 442, 512 }, { 8, 443, 512 }, { 7, 444, 512 }, { 8, 445, 512 }, { 8, 446, 512 }, { 9, 447, 512 }, 
+   { 4, 448, 512 }, { 5, 449, 512 }, { 5, 450, 512 }, { 6, 451, 512 }, { 5, 452, 512 }, { 6, 453, 512 }, { 6, 454, 512 }, { 7, 455, 512 }, 
+   { 5, 456, 512 }, { 6, 457, 512 }, { 6, 458, 512 }, { 7, 459, 512 }, { 6, 460, 512 }, { 7, 461, 512 }, { 7, 462, 512 }, { 8, 463, 512 }, 
+   { 5, 464, 512 }, { 6, 465, 512 }, { 6, 466, 512 }, { 7, 467, 512 }, { 6, 468, 512 }, { 7, 469, 512 }, { 7, 470, 512 }, { 8, 471, 512 }, 
+   { 6, 472, 512 }, { 7, 473, 512 }, { 7, 474, 512 }, { 8, 475, 512 }, { 7, 476, 512 }, { 8, 477, 512 }, { 8, 478, 512 }, { 9, 479, 512 }, 
+   { 5, 480, 512 }, { 6, 481, 512 }, { 6, 482, 512 }, { 7, 483, 512 }, { 6, 484, 512 }, { 7, 485, 512 }, { 7, 486, 512 }, { 8, 487, 512 }, 
+   { 6, 488, 512 }, { 7, 489, 512 }, { 7, 490, 512 }, { 8, 491, 512 }, { 7, 492, 512 }, { 8, 493, 512 }, { 8, 494, 512 }, { 9, 495, 512 }, 
+   { 6, 496, 512 }, { 7, 497, 512 }, { 7, 498, 512 }, { 8, 499, 512 }, { 7, 500, 512 }, { 8, 501, 512 }, { 8, 502, 512 }, { 9, 503, 512 }, 
+   { 7, 504, 512 }, { 8, 505, 512 }, { 8, 506, 512 }, { 9, 507, 512 }, { 8, 508, 512 }, { 9, 509, 512 }, { 9, 510, 512 }, { 10, 511, 512 }, 
+#if FP_LUT > 10
+   { 1, 0, 0 }, { 2, 1, 1024 }, { 2, 2, 1024 }, { 3, 3, 1024 }, { 2, 4, 1024 }, { 3, 5, 1024 }, { 3, 6, 1024 }, { 4, 7, 1024 }, 
+   { 2, 8, 1024 }, { 3, 9, 1024 }, { 3, 10, 1024 }, { 4, 11, 1024 }, { 3, 12, 1024 }, { 4, 13, 1024 }, { 4, 14, 1024 }, { 5, 15, 1024 }, 
+   { 2, 16, 1024 }, { 3, 17, 1024 }, { 3, 18, 1024 }, { 4, 19, 1024 }, { 3, 20, 1024 }, { 4, 21, 1024 }, { 4, 22, 1024 }, { 5, 23, 1024 }, 
+   { 3, 24, 1024 }, { 4, 25, 1024 }, { 4, 26, 1024 }, { 5, 27, 1024 }, { 4, 28, 1024 }, { 5, 29, 1024 }, { 5, 30, 1024 }, { 6, 31, 1024 }, 
+   { 2, 32, 1024 }, { 3, 33, 1024 }, { 3, 34, 1024 }, { 4, 35, 1024 }, { 3, 36, 1024 }, { 4, 37, 1024 }, { 4, 38, 1024 }, { 5, 39, 1024 }, 
+   { 3, 40, 1024 }, { 4, 41, 1024 }, { 4, 42, 1024 }, { 5, 43, 1024 }, { 4, 44, 1024 }, { 5, 45, 1024 }, { 5, 46, 1024 }, { 6, 47, 1024 }, 
+   { 3, 48, 1024 }, { 4, 49, 1024 }, { 4, 50, 1024 }, { 5, 51, 1024 }, { 4, 52, 1024 }, { 5, 53, 1024 }, { 5, 54, 1024 }, { 6, 55, 1024 }, 
+   { 4, 56, 1024 }, { 5, 57, 1024 }, { 5, 58, 1024 }, { 6, 59, 1024 }, { 5, 60, 1024 }, { 6, 61, 1024 }, { 6, 62, 1024 }, { 7, 63, 1024 }, 
+   { 2, 64, 1024 }, { 3, 65, 1024 }, { 3, 66, 1024 }, { 4, 67, 1024 }, { 3, 68, 1024 }, { 4, 69, 1024 }, { 4, 70, 1024 }, { 5, 71, 1024 }, 
+   { 3, 72, 1024 }, { 4, 73, 1024 }, { 4, 74, 1024 }, { 5, 75, 1024 }, { 4, 76, 1024 }, { 5, 77, 1024 }, { 5, 78, 1024 }, { 6, 79, 1024 }, 
+   { 3, 80, 1024 }, { 4, 81, 1024 }, { 4, 82, 1024 }, { 5, 83, 1024 }, { 4, 84, 1024 }, { 5, 85, 1024 }, { 5, 86, 1024 }, { 6, 87, 1024 }, 
+   { 4, 88, 1024 }, { 5, 89, 1024 }, { 5, 90, 1024 }, { 6, 91, 1024 }, { 5, 92, 1024 }, { 6, 93, 1024 }, { 6, 94, 1024 }, { 7, 95, 1024 }, 
+   { 3, 96, 1024 }, { 4, 97, 1024 }, { 4, 98, 1024 }, { 5, 99, 1024 }, { 4, 100, 1024 }, { 5, 101, 1024 }, { 5, 102, 1024 }, { 6, 103, 1024 }, 
+   { 4, 104, 1024 }, { 5, 105, 1024 }, { 5, 106, 1024 }, { 6, 107, 1024 }, { 5, 108, 1024 }, { 6, 109, 1024 }, { 6, 110, 1024 }, { 7, 111, 1024 }, 
+   { 4, 112, 1024 }, { 5, 113, 1024 }, { 5, 114, 1024 }, { 6, 115, 1024 }, { 5, 116, 1024 }, { 6, 117, 1024 }, { 6, 118, 1024 }, { 7, 119, 1024 }, 
+   { 5, 120, 1024 }, { 6, 121, 1024 }, { 6, 122, 1024 }, { 7, 123, 1024 }, { 6, 124, 1024 }, { 7, 125, 1024 }, { 7, 126, 1024 }, { 8, 127, 1024 }, 
+   { 2, 128, 1024 }, { 3, 129, 1024 }, { 3, 130, 1024 }, { 4, 131, 1024 }, { 3, 132, 1024 }, { 4, 133, 1024 }, { 4, 134, 1024 }, { 5, 135, 1024 }, 
+   { 3, 136, 1024 }, { 4, 137, 1024 }, { 4, 138, 1024 }, { 5, 139, 1024 }, { 4, 140, 1024 }, { 5, 141, 1024 }, { 5, 142, 1024 }, { 6, 143, 1024 }, 
+   { 3, 144, 1024 }, { 4, 145, 1024 }, { 4, 146, 1024 }, { 5, 147, 1024 }, { 4, 148, 1024 }, { 5, 149, 1024 }, { 5, 150, 1024 }, { 6, 151, 1024 }, 
+   { 4, 152, 1024 }, { 5, 153, 1024 }, { 5, 154, 1024 }, { 6, 155, 1024 }, { 5, 156, 1024 }, { 6, 157, 1024 }, { 6, 158, 1024 }, { 7, 159, 1024 }, 
+   { 3, 160, 1024 }, { 4, 161, 1024 }, { 4, 162, 1024 }, { 5, 163, 1024 }, { 4, 164, 1024 }, { 5, 165, 1024 }, { 5, 166, 1024 }, { 6, 167, 1024 }, 
+   { 4, 168, 1024 }, { 5, 169, 1024 }, { 5, 170, 1024 }, { 6, 171, 1024 }, { 5, 172, 1024 }, { 6, 173, 1024 }, { 6, 174, 1024 }, { 7, 175, 1024 }, 
+   { 4, 176, 1024 }, { 5, 177, 1024 }, { 5, 178, 1024 }, { 6, 179, 1024 }, { 5, 180, 1024 }, { 6, 181, 1024 }, { 6, 182, 1024 }, { 7, 183, 1024 }, 
+   { 5, 184, 1024 }, { 6, 185, 1024 }, { 6, 186, 1024 }, { 7, 187, 1024 }, { 6, 188, 1024 }, { 7, 189, 1024 }, { 7, 190, 1024 }, { 8, 191, 1024 }, 
+   { 3, 192, 1024 }, { 4, 193, 1024 }, { 4, 194, 1024 }, { 5, 195, 1024 }, { 4, 196, 1024 }, { 5, 197, 1024 }, { 5, 198, 1024 }, { 6, 199, 1024 }, 
+   { 4, 200, 1024 }, { 5, 201, 1024 }, { 5, 202, 1024 }, { 6, 203, 1024 }, { 5, 204, 1024 }, { 6, 205, 1024 }, { 6, 206, 1024 }, { 7, 207, 1024 }, 
+   { 4, 208, 1024 }, { 5, 209, 1024 }, { 5, 210, 1024 }, { 6, 211, 1024 }, { 5, 212, 1024 }, { 6, 213, 1024 }, { 6, 214, 1024 }, { 7, 215, 1024 }, 
+   { 5, 216, 1024 }, { 6, 217, 1024 }, { 6, 218, 1024 }, { 7, 219, 1024 }, { 6, 220, 1024 }, { 7, 221, 1024 }, { 7, 222, 1024 }, { 8, 223, 1024 }, 
+   { 4, 224, 1024 }, { 5, 225, 1024 }, { 5, 226, 1024 }, { 6, 227, 1024 }, { 5, 228, 1024 }, { 6, 229, 1024 }, { 6, 230, 1024 }, { 7, 231, 1024 }, 
+   { 5, 232, 1024 }, { 6, 233, 1024 }, { 6, 234, 1024 }, { 7, 235, 1024 }, { 6, 236, 1024 }, { 7, 237, 1024 }, { 7, 238, 1024 }, { 8, 239, 1024 }, 
+   { 5, 240, 1024 }, { 6, 241, 1024 }, { 6, 242, 1024 }, { 7, 243, 1024 }, { 6, 244, 1024 }, { 7, 245, 1024 }, { 7, 246, 1024 }, { 8, 247, 1024 }, 
+   { 6, 248, 1024 }, { 7, 249, 1024 }, { 7, 250, 1024 }, { 8, 251, 1024 }, { 7, 252, 1024 }, { 8, 253, 1024 }, { 8, 254, 1024 }, { 9, 255, 1024 }, 
+   { 2, 256, 1024 }, { 3, 257, 1024 }, { 3, 258, 1024 }, { 4, 259, 1024 }, { 3, 260, 1024 }, { 4, 261, 1024 }, { 4, 262, 1024 }, { 5, 263, 1024 }, 
+   { 3, 264, 1024 }, { 4, 265, 1024 }, { 4, 266, 1024 }, { 5, 267, 1024 }, { 4, 268, 1024 }, { 5, 269, 1024 }, { 5, 270, 1024 }, { 6, 271, 1024 }, 
+   { 3, 272, 1024 }, { 4, 273, 1024 }, { 4, 274, 1024 }, { 5, 275, 1024 }, { 4, 276, 1024 }, { 5, 277, 1024 }, { 5, 278, 1024 }, { 6, 279, 1024 }, 
+   { 4, 280, 1024 }, { 5, 281, 1024 }, { 5, 282, 1024 }, { 6, 283, 1024 }, { 5, 284, 1024 }, { 6, 285, 1024 }, { 6, 286, 1024 }, { 7, 287, 1024 }, 
+   { 3, 288, 1024 }, { 4, 289, 1024 }, { 4, 290, 1024 }, { 5, 291, 1024 }, { 4, 292, 1024 }, { 5, 293, 1024 }, { 5, 294, 1024 }, { 6, 295, 1024 }, 
+   { 4, 296, 1024 }, { 5, 297, 1024 }, { 5, 298, 1024 }, { 6, 299, 1024 }, { 5, 300, 1024 }, { 6, 301, 1024 }, { 6, 302, 1024 }, { 7, 303, 1024 }, 
+   { 4, 304, 1024 }, { 5, 305, 1024 }, { 5, 306, 1024 }, { 6, 307, 1024 }, { 5, 308, 1024 }, { 6, 309, 1024 }, { 6, 310, 1024 }, { 7, 311, 1024 }, 
+   { 5, 312, 1024 }, { 6, 313, 1024 }, { 6, 314, 1024 }, { 7, 315, 1024 }, { 6, 316, 1024 }, { 7, 317, 1024 }, { 7, 318, 1024 }, { 8, 319, 1024 }, 
+   { 3, 320, 1024 }, { 4, 321, 1024 }, { 4, 322, 1024 }, { 5, 323, 1024 }, { 4, 324, 1024 }, { 5, 325, 1024 }, { 5, 326, 1024 }, { 6, 327, 1024 }, 
+   { 4, 328, 1024 }, { 5, 329, 1024 }, { 5, 330, 1024 }, { 6, 331, 1024 }, { 5, 332, 1024 }, { 6, 333, 1024 }, { 6, 334, 1024 }, { 7, 335, 1024 }, 
+   { 4, 336, 1024 }, { 5, 337, 1024 }, { 5, 338, 1024 }, { 6, 339, 1024 }, { 5, 340, 1024 }, { 6, 341, 1024 }, { 6, 342, 1024 }, { 7, 343, 1024 }, 
+   { 5, 344, 1024 }, { 6, 345, 1024 }, { 6, 346, 1024 }, { 7, 347, 1024 }, { 6, 348, 1024 }, { 7, 349, 1024 }, { 7, 350, 1024 }, { 8, 351, 1024 }, 
+   { 4, 352, 1024 }, { 5, 353, 1024 }, { 5, 354, 1024 }, { 6, 355, 1024 }, { 5, 356, 1024 }, { 6, 357, 1024 }, { 6, 358, 1024 }, { 7, 359, 1024 }, 
+   { 5, 360, 1024 }, { 6, 361, 1024 }, { 6, 362, 1024 }, { 7, 363, 1024 }, { 6, 364, 1024 }, { 7, 365, 1024 }, { 7, 366, 1024 }, { 8, 367, 1024 }, 
+   { 5, 368, 1024 }, { 6, 369, 1024 }, { 6, 370, 1024 }, { 7, 371, 1024 }, { 6, 372, 1024 }, { 7, 373, 1024 }, { 7, 374, 1024 }, { 8, 375, 1024 }, 
+   { 6, 376, 1024 }, { 7, 377, 1024 }, { 7, 378, 1024 }, { 8, 379, 1024 }, { 7, 380, 1024 }, { 8, 381, 1024 }, { 8, 382, 1024 }, { 9, 383, 1024 }, 
+   { 3, 384, 1024 }, { 4, 385, 1024 }, { 4, 386, 1024 }, { 5, 387, 1024 }, { 4, 388, 1024 }, { 5, 389, 1024 }, { 5, 390, 1024 }, { 6, 391, 1024 }, 
+   { 4, 392, 1024 }, { 5, 393, 1024 }, { 5, 394, 1024 }, { 6, 395, 1024 }, { 5, 396, 1024 }, { 6, 397, 1024 }, { 6, 398, 1024 }, { 7, 399, 1024 }, 
+   { 4, 400, 1024 }, { 5, 401, 1024 }, { 5, 402, 1024 }, { 6, 403, 1024 }, { 5, 404, 1024 }, { 6, 405, 1024 }, { 6, 406, 1024 }, { 7, 407, 1024 }, 
+   { 5, 408, 1024 }, { 6, 409, 1024 }, { 6, 410, 1024 }, { 7, 411, 1024 }, { 6, 412, 1024 }, { 7, 413, 1024 }, { 7, 414, 1024 }, { 8, 415, 1024 }, 
+   { 4, 416, 1024 }, { 5, 417, 1024 }, { 5, 418, 1024 }, { 6, 419, 1024 }, { 5, 420, 1024 }, { 6, 421, 1024 }, { 6, 422, 1024 }, { 7, 423, 1024 }, 
+   { 5, 424, 1024 }, { 6, 425, 1024 }, { 6, 426, 1024 }, { 7, 427, 1024 }, { 6, 428, 1024 }, { 7, 429, 1024 }, { 7, 430, 1024 }, { 8, 431, 1024 }, 
+   { 5, 432, 1024 }, { 6, 433, 1024 }, { 6, 434, 1024 }, { 7, 435, 1024 }, { 6, 436, 1024 }, { 7, 437, 1024 }, { 7, 438, 1024 }, { 8, 439, 1024 }, 
+   { 6, 440, 1024 }, { 7, 441, 1024 }, { 7, 442, 1024 }, { 8, 443, 1024 }, { 7, 444, 1024 }, { 8, 445, 1024 }, { 8, 446, 1024 }, { 9, 447, 1024 }, 
+   { 4, 448, 1024 }, { 5, 449, 1024 }, { 5, 450, 1024 }, { 6, 451, 1024 }, { 5, 452, 1024 }, { 6, 453, 1024 }, { 6, 454, 1024 }, { 7, 455, 1024 }, 
+   { 5, 456, 1024 }, { 6, 457, 1024 }, { 6, 458, 1024 }, { 7, 459, 1024 }, { 6, 460, 1024 }, { 7, 461, 1024 }, { 7, 462, 1024 }, { 8, 463, 1024 }, 
+   { 5, 464, 1024 }, { 6, 465, 1024 }, { 6, 466, 1024 }, { 7, 467, 1024 }, { 6, 468, 1024 }, { 7, 469, 1024 }, { 7, 470, 1024 }, { 8, 471, 1024 }, 
+   { 6, 472, 1024 }, { 7, 473, 1024 }, { 7, 474, 1024 }, { 8, 475, 1024 }, { 7, 476, 1024 }, { 8, 477, 1024 }, { 8, 478, 1024 }, { 9, 479, 1024 }, 
+   { 5, 480, 1024 }, { 6, 481, 1024 }, { 6, 482, 1024 }, { 7, 483, 1024 }, { 6, 484, 1024 }, { 7, 485, 1024 }, { 7, 486, 1024 }, { 8, 487, 1024 }, 
+   { 6, 488, 1024 }, { 7, 489, 1024 }, { 7, 490, 1024 }, { 8, 491, 1024 }, { 7, 492, 1024 }, { 8, 493, 1024 }, { 8, 494, 1024 }, { 9, 495, 1024 }, 
+   { 6, 496, 1024 }, { 7, 497, 1024 }, { 7, 498, 1024 }, { 8, 499, 1024 }, { 7, 500, 1024 }, { 8, 501, 1024 }, { 8, 502, 1024 }, { 9, 503, 1024 }, 
+   { 7, 504, 1024 }, { 8, 505, 1024 }, { 8, 506, 1024 }, { 9, 507, 1024 }, { 8, 508, 1024 }, { 9, 509, 1024 }, { 9, 510, 1024 }, { 10, 511, 1024 }, 
+   { 2, 512, 1024 }, { 3, 513, 1024 }, { 3, 514, 1024 }, { 4, 515, 1024 }, { 3, 516, 1024 }, { 4, 517, 1024 }, { 4, 518, 1024 }, { 5, 519, 1024 }, 
+   { 3, 520, 1024 }, { 4, 521, 1024 }, { 4, 522, 1024 }, { 5, 523, 1024 }, { 4, 524, 1024 }, { 5, 525, 1024 }, { 5, 526, 1024 }, { 6, 527, 1024 }, 
+   { 3, 528, 1024 }, { 4, 529, 1024 }, { 4, 530, 1024 }, { 5, 531, 1024 }, { 4, 532, 1024 }, { 5, 533, 1024 }, { 5, 534, 1024 }, { 6, 535, 1024 }, 
+   { 4, 536, 1024 }, { 5, 537, 1024 }, { 5, 538, 1024 }, { 6, 539, 1024 }, { 5, 540, 1024 }, { 6, 541, 1024 }, { 6, 542, 1024 }, { 7, 543, 1024 }, 
+   { 3, 544, 1024 }, { 4, 545, 1024 }, { 4, 546, 1024 }, { 5, 547, 1024 }, { 4, 548, 1024 }, { 5, 549, 1024 }, { 5, 550, 1024 }, { 6, 551, 1024 }, 
+   { 4, 552, 1024 }, { 5, 553, 1024 }, { 5, 554, 1024 }, { 6, 555, 1024 }, { 5, 556, 1024 }, { 6, 557, 1024 }, { 6, 558, 1024 }, { 7, 559, 1024 }, 
+   { 4, 560, 1024 }, { 5, 561, 1024 }, { 5, 562, 1024 }, { 6, 563, 1024 }, { 5, 564, 1024 }, { 6, 565, 1024 }, { 6, 566, 1024 }, { 7, 567, 1024 }, 
+   { 5, 568, 1024 }, { 6, 569, 1024 }, { 6, 570, 1024 }, { 7, 571, 1024 }, { 6, 572, 1024 }, { 7, 573, 1024 }, { 7, 574, 1024 }, { 8, 575, 1024 }, 
+   { 3, 576, 1024 }, { 4, 577, 1024 }, { 4, 578, 1024 }, { 5, 579, 1024 }, { 4, 580, 1024 }, { 5, 581, 1024 }, { 5, 582, 1024 }, { 6, 583, 1024 }, 
+   { 4, 584, 1024 }, { 5, 585, 1024 }, { 5, 586, 1024 }, { 6, 587, 1024 }, { 5, 588, 1024 }, { 6, 589, 1024 }, { 6, 590, 1024 }, { 7, 591, 1024 }, 
+   { 4, 592, 1024 }, { 5, 593, 1024 }, { 5, 594, 1024 }, { 6, 595, 1024 }, { 5, 596, 1024 }, { 6, 597, 1024 }, { 6, 598, 1024 }, { 7, 599, 1024 }, 
+   { 5, 600, 1024 }, { 6, 601, 1024 }, { 6, 602, 1024 }, { 7, 603, 1024 }, { 6, 604, 1024 }, { 7, 605, 1024 }, { 7, 606, 1024 }, { 8, 607, 1024 }, 
+   { 4, 608, 1024 }, { 5, 609, 1024 }, { 5, 610, 1024 }, { 6, 611, 1024 }, { 5, 612, 1024 }, { 6, 613, 1024 }, { 6, 614, 1024 }, { 7, 615, 1024 }, 
+   { 5, 616, 1024 }, { 6, 617, 1024 }, { 6, 618, 1024 }, { 7, 619, 1024 }, { 6, 620, 1024 }, { 7, 621, 1024 }, { 7, 622, 1024 }, { 8, 623, 1024 }, 
+   { 5, 624, 1024 }, { 6, 625, 1024 }, { 6, 626, 1024 }, { 7, 627, 1024 }, { 6, 628, 1024 }, { 7, 629, 1024 }, { 7, 630, 1024 }, { 8, 631, 1024 }, 
+   { 6, 632, 1024 }, { 7, 633, 1024 }, { 7, 634, 1024 }, { 8, 635, 1024 }, { 7, 636, 1024 }, { 8, 637, 1024 }, { 8, 638, 1024 }, { 9, 639, 1024 }, 
+   { 3, 640, 1024 }, { 4, 641, 1024 }, { 4, 642, 1024 }, { 5, 643, 1024 }, { 4, 644, 1024 }, { 5, 645, 1024 }, { 5, 646, 1024 }, { 6, 647, 1024 }, 
+   { 4, 648, 1024 }, { 5, 649, 1024 }, { 5, 650, 1024 }, { 6, 651, 1024 }, { 5, 652, 1024 }, { 6, 653, 1024 }, { 6, 654, 1024 }, { 7, 655, 1024 }, 
+   { 4, 656, 1024 }, { 5, 657, 1024 }, { 5, 658, 1024 }, { 6, 659, 1024 }, { 5, 660, 1024 }, { 6, 661, 1024 }, { 6, 662, 1024 }, { 7, 663, 1024 }, 
+   { 5, 664, 1024 }, { 6, 665, 1024 }, { 6, 666, 1024 }, { 7, 667, 1024 }, { 6, 668, 1024 }, { 7, 669, 1024 }, { 7, 670, 1024 }, { 8, 671, 1024 }, 
+   { 4, 672, 1024 }, { 5, 673, 1024 }, { 5, 674, 1024 }, { 6, 675, 1024 }, { 5, 676, 1024 }, { 6, 677, 1024 }, { 6, 678, 1024 }, { 7, 679, 1024 }, 
+   { 5, 680, 1024 }, { 6, 681, 1024 }, { 6, 682, 1024 }, { 7, 683, 1024 }, { 6, 684, 1024 }, { 7, 685, 1024 }, { 7, 686, 1024 }, { 8, 687, 1024 }, 
+   { 5, 688, 1024 }, { 6, 689, 1024 }, { 6, 690, 1024 }, { 7, 691, 1024 }, { 6, 692, 1024 }, { 7, 693, 1024 }, { 7, 694, 1024 }, { 8, 695, 1024 }, 
+   { 6, 696, 1024 }, { 7, 697, 1024 }, { 7, 698, 1024 }, { 8, 699, 1024 }, { 7, 700, 1024 }, { 8, 701, 1024 }, { 8, 702, 1024 }, { 9, 703, 1024 }, 
+   { 4, 704, 1024 }, { 5, 705, 1024 }, { 5, 706, 1024 }, { 6, 707, 1024 }, { 5, 708, 1024 }, { 6, 709, 1024 }, { 6, 710, 1024 }, { 7, 711, 1024 }, 
+   { 5, 712, 1024 }, { 6, 713, 1024 }, { 6, 714, 1024 }, { 7, 715, 1024 }, { 6, 716, 1024 }, { 7, 717, 1024 }, { 7, 718, 1024 }, { 8, 719, 1024 }, 
+   { 5, 720, 1024 }, { 6, 721, 1024 }, { 6, 722, 1024 }, { 7, 723, 1024 }, { 6, 724, 1024 }, { 7, 725, 1024 }, { 7, 726, 1024 }, { 8, 727, 1024 }, 
+   { 6, 728, 1024 }, { 7, 729, 1024 }, { 7, 730, 1024 }, { 8, 731, 1024 }, { 7, 732, 1024 }, { 8, 733, 1024 }, { 8, 734, 1024 }, { 9, 735, 1024 }, 
+   { 5, 736, 1024 }, { 6, 737, 1024 }, { 6, 738, 1024 }, { 7, 739, 1024 }, { 6, 740, 1024 }, { 7, 741, 1024 }, { 7, 742, 1024 }, { 8, 743, 1024 }, 
+   { 6, 744, 1024 }, { 7, 745, 1024 }, { 7, 746, 1024 }, { 8, 747, 1024 }, { 7, 748, 1024 }, { 8, 749, 1024 }, { 8, 750, 1024 }, { 9, 751, 1024 }, 
+   { 6, 752, 1024 }, { 7, 753, 1024 }, { 7, 754, 1024 }, { 8, 755, 1024 }, { 7, 756, 1024 }, { 8, 757, 1024 }, { 8, 758, 1024 }, { 9, 759, 1024 }, 
+   { 7, 760, 1024 }, { 8, 761, 1024 }, { 8, 762, 1024 }, { 9, 763, 1024 }, { 8, 764, 1024 }, { 9, 765, 1024 }, { 9, 766, 1024 }, { 10, 767, 1024 }, 
+   { 3, 768, 1024 }, { 4, 769, 1024 }, { 4, 770, 1024 }, { 5, 771, 1024 }, { 4, 772, 1024 }, { 5, 773, 1024 }, { 5, 774, 1024 }, { 6, 775, 1024 }, 
+   { 4, 776, 1024 }, { 5, 777, 1024 }, { 5, 778, 1024 }, { 6, 779, 1024 }, { 5, 780, 1024 }, { 6, 781, 1024 }, { 6, 782, 1024 }, { 7, 783, 1024 }, 
+   { 4, 784, 1024 }, { 5, 785, 1024 }, { 5, 786, 1024 }, { 6, 787, 1024 }, { 5, 788, 1024 }, { 6, 789, 1024 }, { 6, 790, 1024 }, { 7, 791, 1024 }, 
+   { 5, 792, 1024 }, { 6, 793, 1024 }, { 6, 794, 1024 }, { 7, 795, 1024 }, { 6, 796, 1024 }, { 7, 797, 1024 }, { 7, 798, 1024 }, { 8, 799, 1024 }, 
+   { 4, 800, 1024 }, { 5, 801, 1024 }, { 5, 802, 1024 }, { 6, 803, 1024 }, { 5, 804, 1024 }, { 6, 805, 1024 }, { 6, 806, 1024 }, { 7, 807, 1024 }, 
+   { 5, 808, 1024 }, { 6, 809, 1024 }, { 6, 810, 1024 }, { 7, 811, 1024 }, { 6, 812, 1024 }, { 7, 813, 1024 }, { 7, 814, 1024 }, { 8, 815, 1024 }, 
+   { 5, 816, 1024 }, { 6, 817, 1024 }, { 6, 818, 1024 }, { 7, 819, 1024 }, { 6, 820, 1024 }, { 7, 821, 1024 }, { 7, 822, 1024 }, { 8, 823, 1024 }, 
+   { 6, 824, 1024 }, { 7, 825, 1024 }, { 7, 826, 1024 }, { 8, 827, 1024 }, { 7, 828, 1024 }, { 8, 829, 1024 }, { 8, 830, 1024 }, { 9, 831, 1024 }, 
+   { 4, 832, 1024 }, { 5, 833, 1024 }, { 5, 834, 1024 }, { 6, 835, 1024 }, { 5, 836, 1024 }, { 6, 837, 1024 }, { 6, 838, 1024 }, { 7, 839, 1024 }, 
+   { 5, 840, 1024 }, { 6, 841, 1024 }, { 6, 842, 1024 }, { 7, 843, 1024 }, { 6, 844, 1024 }, { 7, 845, 1024 }, { 7, 846, 1024 }, { 8, 847, 1024 }, 
+   { 5, 848, 1024 }, { 6, 849, 1024 }, { 6, 850, 1024 }, { 7, 851, 1024 }, { 6, 852, 1024 }, { 7, 853, 1024 }, { 7, 854, 1024 }, { 8, 855, 1024 }, 
+   { 6, 856, 1024 }, { 7, 857, 1024 }, { 7, 858, 1024 }, { 8, 859, 1024 }, { 7, 860, 1024 }, { 8, 861, 1024 }, { 8, 862, 1024 }, { 9, 863, 1024 }, 
+   { 5, 864, 1024 }, { 6, 865, 1024 }, { 6, 866, 1024 }, { 7, 867, 1024 }, { 6, 868, 1024 }, { 7, 869, 1024 }, { 7, 870, 1024 }, { 8, 871, 1024 }, 
+   { 6, 872, 1024 }, { 7, 873, 1024 }, { 7, 874, 1024 }, { 8, 875, 1024 }, { 7, 876, 1024 }, { 8, 877, 1024 }, { 8, 878, 1024 }, { 9, 879, 1024 }, 
+   { 6, 880, 1024 }, { 7, 881, 1024 }, { 7, 882, 1024 }, { 8, 883, 1024 }, { 7, 884, 1024 }, { 8, 885, 1024 }, { 8, 886, 1024 }, { 9, 887, 1024 }, 
+   { 7, 888, 1024 }, { 8, 889, 1024 }, { 8, 890, 1024 }, { 9, 891, 1024 }, { 8, 892, 1024 }, { 9, 893, 1024 }, { 9, 894, 1024 }, { 10, 895, 1024 }, 
+   { 4, 896, 1024 }, { 5, 897, 1024 }, { 5, 898, 1024 }, { 6, 899, 1024 }, { 5, 900, 1024 }, { 6, 901, 1024 }, { 6, 902, 1024 }, { 7, 903, 1024 }, 
+   { 5, 904, 1024 }, { 6, 905, 1024 }, { 6, 906, 1024 }, { 7, 907, 1024 }, { 6, 908, 1024 }, { 7, 909, 1024 }, { 7, 910, 1024 }, { 8, 911, 1024 }, 
+   { 5, 912, 1024 }, { 6, 913, 1024 }, { 6, 914, 1024 }, { 7, 915, 1024 }, { 6, 916, 1024 }, { 7, 917, 1024 }, { 7, 918, 1024 }, { 8, 919, 1024 }, 
+   { 6, 920, 1024 }, { 7, 921, 1024 }, { 7, 922, 1024 }, { 8, 923, 1024 }, { 7, 924, 1024 }, { 8, 925, 1024 }, { 8, 926, 1024 }, { 9, 927, 1024 }, 
+   { 5, 928, 1024 }, { 6, 929, 1024 }, { 6, 930, 1024 }, { 7, 931, 1024 }, { 6, 932, 1024 }, { 7, 933, 1024 }, { 7, 934, 1024 }, { 8, 935, 1024 }, 
+   { 6, 936, 1024 }, { 7, 937, 1024 }, { 7, 938, 1024 }, { 8, 939, 1024 }, { 7, 940, 1024 }, { 8, 941, 1024 }, { 8, 942, 1024 }, { 9, 943, 1024 }, 
+   { 6, 944, 1024 }, { 7, 945, 1024 }, { 7, 946, 1024 }, { 8, 947, 1024 }, { 7, 948, 1024 }, { 8, 949, 1024 }, { 8, 950, 1024 }, { 9, 951, 1024 }, 
+   { 7, 952, 1024 }, { 8, 953, 1024 }, { 8, 954, 1024 }, { 9, 955, 1024 }, { 8, 956, 1024 }, { 9, 957, 1024 }, { 9, 958, 1024 }, { 10, 959, 1024 }, 
+   { 5, 960, 1024 }, { 6, 961, 1024 }, { 6, 962, 1024 }, { 7, 963, 1024 }, { 6, 964, 1024 }, { 7, 965, 1024 }, { 7, 966, 1024 }, { 8, 967, 1024 }, 
+   { 6, 968, 1024 }, { 7, 969, 1024 }, { 7, 970, 1024 }, { 8, 971, 1024 }, { 7, 972, 1024 }, { 8, 973, 1024 }, { 8, 974, 1024 }, { 9, 975, 1024 }, 
+   { 6, 976, 1024 }, { 7, 977, 1024 }, { 7, 978, 1024 }, { 8, 979, 1024 }, { 7, 980, 1024 }, { 8, 981, 1024 }, { 8, 982, 1024 }, { 9, 983, 1024 }, 
+   { 7, 984, 1024 }, { 8, 985, 1024 }, { 8, 986, 1024 }, { 9, 987, 1024 }, { 8, 988, 1024 }, { 9, 989, 1024 }, { 9, 990, 1024 }, { 10, 991, 1024 }, 
+   { 6, 992, 1024 }, { 7, 993, 1024 }, { 7, 994, 1024 }, { 8, 995, 1024 }, { 7, 996, 1024 }, { 8, 997, 1024 }, { 8, 998, 1024 }, { 9, 999, 1024 }, 
+   { 7, 1000, 1024 }, { 8, 1001, 1024 }, { 8, 1002, 1024 }, { 9, 1003, 1024 }, { 8, 1004, 1024 }, { 9, 1005, 1024 }, { 9, 1006, 1024 }, { 10, 1007, 1024 }, 
+   { 7, 1008, 1024 }, { 8, 1009, 1024 }, { 8, 1010, 1024 }, { 9, 1011, 1024 }, { 8, 1012, 1024 }, { 9, 1013, 1024 }, { 9, 1014, 1024 }, { 10, 1015, 1024 }, 
+   { 8, 1016, 1024 }, { 9, 1017, 1024 }, { 9, 1018, 1024 }, { 10, 1019, 1024 }, { 9, 1020, 1024 }, { 10, 1021, 1024 }, { 10, 1022, 1024 }, { 11, 1023, 1024 }, 
+#if FP_LUT > 11
+   { 1, 0, 0 }, { 2, 1, 2048 }, { 2, 2, 2048 }, { 3, 3, 2048 }, { 2, 4, 2048 }, { 3, 5, 2048 }, { 3, 6, 2048 }, { 4, 7, 2048 }, 
+   { 2, 8, 2048 }, { 3, 9, 2048 }, { 3, 10, 2048 }, { 4, 11, 2048 }, { 3, 12, 2048 }, { 4, 13, 2048 }, { 4, 14, 2048 }, { 5, 15, 2048 }, 
+   { 2, 16, 2048 }, { 3, 17, 2048 }, { 3, 18, 2048 }, { 4, 19, 2048 }, { 3, 20, 2048 }, { 4, 21, 2048 }, { 4, 22, 2048 }, { 5, 23, 2048 }, 
+   { 3, 24, 2048 }, { 4, 25, 2048 }, { 4, 26, 2048 }, { 5, 27, 2048 }, { 4, 28, 2048 }, { 5, 29, 2048 }, { 5, 30, 2048 }, { 6, 31, 2048 }, 
+   { 2, 32, 2048 }, { 3, 33, 2048 }, { 3, 34, 2048 }, { 4, 35, 2048 }, { 3, 36, 2048 }, { 4, 37, 2048 }, { 4, 38, 2048 }, { 5, 39, 2048 }, 
+   { 3, 40, 2048 }, { 4, 41, 2048 }, { 4, 42, 2048 }, { 5, 43, 2048 }, { 4, 44, 2048 }, { 5, 45, 2048 }, { 5, 46, 2048 }, { 6, 47, 2048 }, 
+   { 3, 48, 2048 }, { 4, 49, 2048 }, { 4, 50, 2048 }, { 5, 51, 2048 }, { 4, 52, 2048 }, { 5, 53, 2048 }, { 5, 54, 2048 }, { 6, 55, 2048 }, 
+   { 4, 56, 2048 }, { 5, 57, 2048 }, { 5, 58, 2048 }, { 6, 59, 2048 }, { 5, 60, 2048 }, { 6, 61, 2048 }, { 6, 62, 2048 }, { 7, 63, 2048 }, 
+   { 2, 64, 2048 }, { 3, 65, 2048 }, { 3, 66, 2048 }, { 4, 67, 2048 }, { 3, 68, 2048 }, { 4, 69, 2048 }, { 4, 70, 2048 }, { 5, 71, 2048 }, 
+   { 3, 72, 2048 }, { 4, 73, 2048 }, { 4, 74, 2048 }, { 5, 75, 2048 }, { 4, 76, 2048 }, { 5, 77, 2048 }, { 5, 78, 2048 }, { 6, 79, 2048 }, 
+   { 3, 80, 2048 }, { 4, 81, 2048 }, { 4, 82, 2048 }, { 5, 83, 2048 }, { 4, 84, 2048 }, { 5, 85, 2048 }, { 5, 86, 2048 }, { 6, 87, 2048 }, 
+   { 4, 88, 2048 }, { 5, 89, 2048 }, { 5, 90, 2048 }, { 6, 91, 2048 }, { 5, 92, 2048 }, { 6, 93, 2048 }, { 6, 94, 2048 }, { 7, 95, 2048 }, 
+   { 3, 96, 2048 }, { 4, 97, 2048 }, { 4, 98, 2048 }, { 5, 99, 2048 }, { 4, 100, 2048 }, { 5, 101, 2048 }, { 5, 102, 2048 }, { 6, 103, 2048 }, 
+   { 4, 104, 2048 }, { 5, 105, 2048 }, { 5, 106, 2048 }, { 6, 107, 2048 }, { 5, 108, 2048 }, { 6, 109, 2048 }, { 6, 110, 2048 }, { 7, 111, 2048 }, 
+   { 4, 112, 2048 }, { 5, 113, 2048 }, { 5, 114, 2048 }, { 6, 115, 2048 }, { 5, 116, 2048 }, { 6, 117, 2048 }, { 6, 118, 2048 }, { 7, 119, 2048 }, 
+   { 5, 120, 2048 }, { 6, 121, 2048 }, { 6, 122, 2048 }, { 7, 123, 2048 }, { 6, 124, 2048 }, { 7, 125, 2048 }, { 7, 126, 2048 }, { 8, 127, 2048 }, 
+   { 2, 128, 2048 }, { 3, 129, 2048 }, { 3, 130, 2048 }, { 4, 131, 2048 }, { 3, 132, 2048 }, { 4, 133, 2048 }, { 4, 134, 2048 }, { 5, 135, 2048 }, 
+   { 3, 136, 2048 }, { 4, 137, 2048 }, { 4, 138, 2048 }, { 5, 139, 2048 }, { 4, 140, 2048 }, { 5, 141, 2048 }, { 5, 142, 2048 }, { 6, 143, 2048 }, 
+   { 3, 144, 2048 }, { 4, 145, 2048 }, { 4, 146, 2048 }, { 5, 147, 2048 }, { 4, 148, 2048 }, { 5, 149, 2048 }, { 5, 150, 2048 }, { 6, 151, 2048 }, 
+   { 4, 152, 2048 }, { 5, 153, 2048 }, { 5, 154, 2048 }, { 6, 155, 2048 }, { 5, 156, 2048 }, { 6, 157, 2048 }, { 6, 158, 2048 }, { 7, 159, 2048 }, 
+   { 3, 160, 2048 }, { 4, 161, 2048 }, { 4, 162, 2048 }, { 5, 163, 2048 }, { 4, 164, 2048 }, { 5, 165, 2048 }, { 5, 166, 2048 }, { 6, 167, 2048 }, 
+   { 4, 168, 2048 }, { 5, 169, 2048 }, { 5, 170, 2048 }, { 6, 171, 2048 }, { 5, 172, 2048 }, { 6, 173, 2048 }, { 6, 174, 2048 }, { 7, 175, 2048 }, 
+   { 4, 176, 2048 }, { 5, 177, 2048 }, { 5, 178, 2048 }, { 6, 179, 2048 }, { 5, 180, 2048 }, { 6, 181, 2048 }, { 6, 182, 2048 }, { 7, 183, 2048 }, 
+   { 5, 184, 2048 }, { 6, 185, 2048 }, { 6, 186, 2048 }, { 7, 187, 2048 }, { 6, 188, 2048 }, { 7, 189, 2048 }, { 7, 190, 2048 }, { 8, 191, 2048 }, 
+   { 3, 192, 2048 }, { 4, 193, 2048 }, { 4, 194, 2048 }, { 5, 195, 2048 }, { 4, 196, 2048 }, { 5, 197, 2048 }, { 5, 198, 2048 }, { 6, 199, 2048 }, 
+   { 4, 200, 2048 }, { 5, 201, 2048 }, { 5, 202, 2048 }, { 6, 203, 2048 }, { 5, 204, 2048 }, { 6, 205, 2048 }, { 6, 206, 2048 }, { 7, 207, 2048 }, 
+   { 4, 208, 2048 }, { 5, 209, 2048 }, { 5, 210, 2048 }, { 6, 211, 2048 }, { 5, 212, 2048 }, { 6, 213, 2048 }, { 6, 214, 2048 }, { 7, 215, 2048 }, 
+   { 5, 216, 2048 }, { 6, 217, 2048 }, { 6, 218, 2048 }, { 7, 219, 2048 }, { 6, 220, 2048 }, { 7, 221, 2048 }, { 7, 222, 2048 }, { 8, 223, 2048 }, 
+   { 4, 224, 2048 }, { 5, 225, 2048 }, { 5, 226, 2048 }, { 6, 227, 2048 }, { 5, 228, 2048 }, { 6, 229, 2048 }, { 6, 230, 2048 }, { 7, 231, 2048 }, 
+   { 5, 232, 2048 }, { 6, 233, 2048 }, { 6, 234, 2048 }, { 7, 235, 2048 }, { 6, 236, 2048 }, { 7, 237, 2048 }, { 7, 238, 2048 }, { 8, 239, 2048 }, 
+   { 5, 240, 2048 }, { 6, 241, 2048 }, { 6, 242, 2048 }, { 7, 243, 2048 }, { 6, 244, 2048 }, { 7, 245, 2048 }, { 7, 246, 2048 }, { 8, 247, 2048 }, 
+   { 6, 248, 2048 }, { 7, 249, 2048 }, { 7, 250, 2048 }, { 8, 251, 2048 }, { 7, 252, 2048 }, { 8, 253, 2048 }, { 8, 254, 2048 }, { 9, 255, 2048 }, 
+   { 2, 256, 2048 }, { 3, 257, 2048 }, { 3, 258, 2048 }, { 4, 259, 2048 }, { 3, 260, 2048 }, { 4, 261, 2048 }, { 4, 262, 2048 }, { 5, 263, 2048 }, 
+   { 3, 264, 2048 }, { 4, 265, 2048 }, { 4, 266, 2048 }, { 5, 267, 2048 }, { 4, 268, 2048 }, { 5, 269, 2048 }, { 5, 270, 2048 }, { 6, 271, 2048 }, 
+   { 3, 272, 2048 }, { 4, 273, 2048 }, { 4, 274, 2048 }, { 5, 275, 2048 }, { 4, 276, 2048 }, { 5, 277, 2048 }, { 5, 278, 2048 }, { 6, 279, 2048 }, 
+   { 4, 280, 2048 }, { 5, 281, 2048 }, { 5, 282, 2048 }, { 6, 283, 2048 }, { 5, 284, 2048 }, { 6, 285, 2048 }, { 6, 286, 2048 }, { 7, 287, 2048 }, 
+   { 3, 288, 2048 }, { 4, 289, 2048 }, { 4, 290, 2048 }, { 5, 291, 2048 }, { 4, 292, 2048 }, { 5, 293, 2048 }, { 5, 294, 2048 }, { 6, 295, 2048 }, 
+   { 4, 296, 2048 }, { 5, 297, 2048 }, { 5, 298, 2048 }, { 6, 299, 2048 }, { 5, 300, 2048 }, { 6, 301, 2048 }, { 6, 302, 2048 }, { 7, 303, 2048 }, 
+   { 4, 304, 2048 }, { 5, 305, 2048 }, { 5, 306, 2048 }, { 6, 307, 2048 }, { 5, 308, 2048 }, { 6, 309, 2048 }, { 6, 310, 2048 }, { 7, 311, 2048 }, 
+   { 5, 312, 2048 }, { 6, 313, 2048 }, { 6, 314, 2048 }, { 7, 315, 2048 }, { 6, 316, 2048 }, { 7, 317, 2048 }, { 7, 318, 2048 }, { 8, 319, 2048 }, 
+   { 3, 320, 2048 }, { 4, 321, 2048 }, { 4, 322, 2048 }, { 5, 323, 2048 }, { 4, 324, 2048 }, { 5, 325, 2048 }, { 5, 326, 2048 }, { 6, 327, 2048 }, 
+   { 4, 328, 2048 }, { 5, 329, 2048 }, { 5, 330, 2048 }, { 6, 331, 2048 }, { 5, 332, 2048 }, { 6, 333, 2048 }, { 6, 334, 2048 }, { 7, 335, 2048 }, 
+   { 4, 336, 2048 }, { 5, 337, 2048 }, { 5, 338, 2048 }, { 6, 339, 2048 }, { 5, 340, 2048 }, { 6, 341, 2048 }, { 6, 342, 2048 }, { 7, 343, 2048 }, 
+   { 5, 344, 2048 }, { 6, 345, 2048 }, { 6, 346, 2048 }, { 7, 347, 2048 }, { 6, 348, 2048 }, { 7, 349, 2048 }, { 7, 350, 2048 }, { 8, 351, 2048 }, 
+   { 4, 352, 2048 }, { 5, 353, 2048 }, { 5, 354, 2048 }, { 6, 355, 2048 }, { 5, 356, 2048 }, { 6, 357, 2048 }, { 6, 358, 2048 }, { 7, 359, 2048 }, 
+   { 5, 360, 2048 }, { 6, 361, 2048 }, { 6, 362, 2048 }, { 7, 363, 2048 }, { 6, 364, 2048 }, { 7, 365, 2048 }, { 7, 366, 2048 }, { 8, 367, 2048 }, 
+   { 5, 368, 2048 }, { 6, 369, 2048 }, { 6, 370, 2048 }, { 7, 371, 2048 }, { 6, 372, 2048 }, { 7, 373, 2048 }, { 7, 374, 2048 }, { 8, 375, 2048 }, 
+   { 6, 376, 2048 }, { 7, 377, 2048 }, { 7, 378, 2048 }, { 8, 379, 2048 }, { 7, 380, 2048 }, { 8, 381, 2048 }, { 8, 382, 2048 }, { 9, 383, 2048 }, 
+   { 3, 384, 2048 }, { 4, 385, 2048 }, { 4, 386, 2048 }, { 5, 387, 2048 }, { 4, 388, 2048 }, { 5, 389, 2048 }, { 5, 390, 2048 }, { 6, 391, 2048 }, 
+   { 4, 392, 2048 }, { 5, 393, 2048 }, { 5, 394, 2048 }, { 6, 395, 2048 }, { 5, 396, 2048 }, { 6, 397, 2048 }, { 6, 398, 2048 }, { 7, 399, 2048 }, 
+   { 4, 400, 2048 }, { 5, 401, 2048 }, { 5, 402, 2048 }, { 6, 403, 2048 }, { 5, 404, 2048 }, { 6, 405, 2048 }, { 6, 406, 2048 }, { 7, 407, 2048 }, 
+   { 5, 408, 2048 }, { 6, 409, 2048 }, { 6, 410, 2048 }, { 7, 411, 2048 }, { 6, 412, 2048 }, { 7, 413, 2048 }, { 7, 414, 2048 }, { 8, 415, 2048 }, 
+   { 4, 416, 2048 }, { 5, 417, 2048 }, { 5, 418, 2048 }, { 6, 419, 2048 }, { 5, 420, 2048 }, { 6, 421, 2048 }, { 6, 422, 2048 }, { 7, 423, 2048 }, 
+   { 5, 424, 2048 }, { 6, 425, 2048 }, { 6, 426, 2048 }, { 7, 427, 2048 }, { 6, 428, 2048 }, { 7, 429, 2048 }, { 7, 430, 2048 }, { 8, 431, 2048 }, 
+   { 5, 432, 2048 }, { 6, 433, 2048 }, { 6, 434, 2048 }, { 7, 435, 2048 }, { 6, 436, 2048 }, { 7, 437, 2048 }, { 7, 438, 2048 }, { 8, 439, 2048 }, 
+   { 6, 440, 2048 }, { 7, 441, 2048 }, { 7, 442, 2048 }, { 8, 443, 2048 }, { 7, 444, 2048 }, { 8, 445, 2048 }, { 8, 446, 2048 }, { 9, 447, 2048 }, 
+   { 4, 448, 2048 }, { 5, 449, 2048 }, { 5, 450, 2048 }, { 6, 451, 2048 }, { 5, 452, 2048 }, { 6, 453, 2048 }, { 6, 454, 2048 }, { 7, 455, 2048 }, 
+   { 5, 456, 2048 }, { 6, 457, 2048 }, { 6, 458, 2048 }, { 7, 459, 2048 }, { 6, 460, 2048 }, { 7, 461, 2048 }, { 7, 462, 2048 }, { 8, 463, 2048 }, 
+   { 5, 464, 2048 }, { 6, 465, 2048 }, { 6, 466, 2048 }, { 7, 467, 2048 }, { 6, 468, 2048 }, { 7, 469, 2048 }, { 7, 470, 2048 }, { 8, 471, 2048 }, 
+   { 6, 472, 2048 }, { 7, 473, 2048 }, { 7, 474, 2048 }, { 8, 475, 2048 }, { 7, 476, 2048 }, { 8, 477, 2048 }, { 8, 478, 2048 }, { 9, 479, 2048 }, 
+   { 5, 480, 2048 }, { 6, 481, 2048 }, { 6, 482, 2048 }, { 7, 483, 2048 }, { 6, 484, 2048 }, { 7, 485, 2048 }, { 7, 486, 2048 }, { 8, 487, 2048 }, 
+   { 6, 488, 2048 }, { 7, 489, 2048 }, { 7, 490, 2048 }, { 8, 491, 2048 }, { 7, 492, 2048 }, { 8, 493, 2048 }, { 8, 494, 2048 }, { 9, 495, 2048 }, 
+   { 6, 496, 2048 }, { 7, 497, 2048 }, { 7, 498, 2048 }, { 8, 499, 2048 }, { 7, 500, 2048 }, { 8, 501, 2048 }, { 8, 502, 2048 }, { 9, 503, 2048 }, 
+   { 7, 504, 2048 }, { 8, 505, 2048 }, { 8, 506, 2048 }, { 9, 507, 2048 }, { 8, 508, 2048 }, { 9, 509, 2048 }, { 9, 510, 2048 }, { 10, 511, 2048 }, 
+   { 2, 512, 2048 }, { 3, 513, 2048 }, { 3, 514, 2048 }, { 4, 515, 2048 }, { 3, 516, 2048 }, { 4, 517, 2048 }, { 4, 518, 2048 }, { 5, 519, 2048 }, 
+   { 3, 520, 2048 }, { 4, 521, 2048 }, { 4, 522, 2048 }, { 5, 523, 2048 }, { 4, 524, 2048 }, { 5, 525, 2048 }, { 5, 526, 2048 }, { 6, 527, 2048 }, 
+   { 3, 528, 2048 }, { 4, 529, 2048 }, { 4, 530, 2048 }, { 5, 531, 2048 }, { 4, 532, 2048 }, { 5, 533, 2048 }, { 5, 534, 2048 }, { 6, 535, 2048 }, 
+   { 4, 536, 2048 }, { 5, 537, 2048 }, { 5, 538, 2048 }, { 6, 539, 2048 }, { 5, 540, 2048 }, { 6, 541, 2048 }, { 6, 542, 2048 }, { 7, 543, 2048 }, 
+   { 3, 544, 2048 }, { 4, 545, 2048 }, { 4, 546, 2048 }, { 5, 547, 2048 }, { 4, 548, 2048 }, { 5, 549, 2048 }, { 5, 550, 2048 }, { 6, 551, 2048 }, 
+   { 4, 552, 2048 }, { 5, 553, 2048 }, { 5, 554, 2048 }, { 6, 555, 2048 }, { 5, 556, 2048 }, { 6, 557, 2048 }, { 6, 558, 2048 }, { 7, 559, 2048 }, 
+   { 4, 560, 2048 }, { 5, 561, 2048 }, { 5, 562, 2048 }, { 6, 563, 2048 }, { 5, 564, 2048 }, { 6, 565, 2048 }, { 6, 566, 2048 }, { 7, 567, 2048 }, 
+   { 5, 568, 2048 }, { 6, 569, 2048 }, { 6, 570, 2048 }, { 7, 571, 2048 }, { 6, 572, 2048 }, { 7, 573, 2048 }, { 7, 574, 2048 }, { 8, 575, 2048 }, 
+   { 3, 576, 2048 }, { 4, 577, 2048 }, { 4, 578, 2048 }, { 5, 579, 2048 }, { 4, 580, 2048 }, { 5, 581, 2048 }, { 5, 582, 2048 }, { 6, 583, 2048 }, 
+   { 4, 584, 2048 }, { 5, 585, 2048 }, { 5, 586, 2048 }, { 6, 587, 2048 }, { 5, 588, 2048 }, { 6, 589, 2048 }, { 6, 590, 2048 }, { 7, 591, 2048 }, 
+   { 4, 592, 2048 }, { 5, 593, 2048 }, { 5, 594, 2048 }, { 6, 595, 2048 }, { 5, 596, 2048 }, { 6, 597, 2048 }, { 6, 598, 2048 }, { 7, 599, 2048 }, 
+   { 5, 600, 2048 }, { 6, 601, 2048 }, { 6, 602, 2048 }, { 7, 603, 2048 }, { 6, 604, 2048 }, { 7, 605, 2048 }, { 7, 606, 2048 }, { 8, 607, 2048 }, 
+   { 4, 608, 2048 }, { 5, 609, 2048 }, { 5, 610, 2048 }, { 6, 611, 2048 }, { 5, 612, 2048 }, { 6, 613, 2048 }, { 6, 614, 2048 }, { 7, 615, 2048 }, 
+   { 5, 616, 2048 }, { 6, 617, 2048 }, { 6, 618, 2048 }, { 7, 619, 2048 }, { 6, 620, 2048 }, { 7, 621, 2048 }, { 7, 622, 2048 }, { 8, 623, 2048 }, 
+   { 5, 624, 2048 }, { 6, 625, 2048 }, { 6, 626, 2048 }, { 7, 627, 2048 }, { 6, 628, 2048 }, { 7, 629, 2048 }, { 7, 630, 2048 }, { 8, 631, 2048 }, 
+   { 6, 632, 2048 }, { 7, 633, 2048 }, { 7, 634, 2048 }, { 8, 635, 2048 }, { 7, 636, 2048 }, { 8, 637, 2048 }, { 8, 638, 2048 }, { 9, 639, 2048 }, 
+   { 3, 640, 2048 }, { 4, 641, 2048 }, { 4, 642, 2048 }, { 5, 643, 2048 }, { 4, 644, 2048 }, { 5, 645, 2048 }, { 5, 646, 2048 }, { 6, 647, 2048 }, 
+   { 4, 648, 2048 }, { 5, 649, 2048 }, { 5, 650, 2048 }, { 6, 651, 2048 }, { 5, 652, 2048 }, { 6, 653, 2048 }, { 6, 654, 2048 }, { 7, 655, 2048 }, 
+   { 4, 656, 2048 }, { 5, 657, 2048 }, { 5, 658, 2048 }, { 6, 659, 2048 }, { 5, 660, 2048 }, { 6, 661, 2048 }, { 6, 662, 2048 }, { 7, 663, 2048 }, 
+   { 5, 664, 2048 }, { 6, 665, 2048 }, { 6, 666, 2048 }, { 7, 667, 2048 }, { 6, 668, 2048 }, { 7, 669, 2048 }, { 7, 670, 2048 }, { 8, 671, 2048 }, 
+   { 4, 672, 2048 }, { 5, 673, 2048 }, { 5, 674, 2048 }, { 6, 675, 2048 }, { 5, 676, 2048 }, { 6, 677, 2048 }, { 6, 678, 2048 }, { 7, 679, 2048 }, 
+   { 5, 680, 2048 }, { 6, 681, 2048 }, { 6, 682, 2048 }, { 7, 683, 2048 }, { 6, 684, 2048 }, { 7, 685, 2048 }, { 7, 686, 2048 }, { 8, 687, 2048 }, 
+   { 5, 688, 2048 }, { 6, 689, 2048 }, { 6, 690, 2048 }, { 7, 691, 2048 }, { 6, 692, 2048 }, { 7, 693, 2048 }, { 7, 694, 2048 }, { 8, 695, 2048 }, 
+   { 6, 696, 2048 }, { 7, 697, 2048 }, { 7, 698, 2048 }, { 8, 699, 2048 }, { 7, 700, 2048 }, { 8, 701, 2048 }, { 8, 702, 2048 }, { 9, 703, 2048 }, 
+   { 4, 704, 2048 }, { 5, 705, 2048 }, { 5, 706, 2048 }, { 6, 707, 2048 }, { 5, 708, 2048 }, { 6, 709, 2048 }, { 6, 710, 2048 }, { 7, 711, 2048 }, 
+   { 5, 712, 2048 }, { 6, 713, 2048 }, { 6, 714, 2048 }, { 7, 715, 2048 }, { 6, 716, 2048 }, { 7, 717, 2048 }, { 7, 718, 2048 }, { 8, 719, 2048 }, 
+   { 5, 720, 2048 }, { 6, 721, 2048 }, { 6, 722, 2048 }, { 7, 723, 2048 }, { 6, 724, 2048 }, { 7, 725, 2048 }, { 7, 726, 2048 }, { 8, 727, 2048 }, 
+   { 6, 728, 2048 }, { 7, 729, 2048 }, { 7, 730, 2048 }, { 8, 731, 2048 }, { 7, 732, 2048 }, { 8, 733, 2048 }, { 8, 734, 2048 }, { 9, 735, 2048 }, 
+   { 5, 736, 2048 }, { 6, 737, 2048 }, { 6, 738, 2048 }, { 7, 739, 2048 }, { 6, 740, 2048 }, { 7, 741, 2048 }, { 7, 742, 2048 }, { 8, 743, 2048 }, 
+   { 6, 744, 2048 }, { 7, 745, 2048 }, { 7, 746, 2048 }, { 8, 747, 2048 }, { 7, 748, 2048 }, { 8, 749, 2048 }, { 8, 750, 2048 }, { 9, 751, 2048 }, 
+   { 6, 752, 2048 }, { 7, 753, 2048 }, { 7, 754, 2048 }, { 8, 755, 2048 }, { 7, 756, 2048 }, { 8, 757, 2048 }, { 8, 758, 2048 }, { 9, 759, 2048 }, 
+   { 7, 760, 2048 }, { 8, 761, 2048 }, { 8, 762, 2048 }, { 9, 763, 2048 }, { 8, 764, 2048 }, { 9, 765, 2048 }, { 9, 766, 2048 }, { 10, 767, 2048 }, 
+   { 3, 768, 2048 }, { 4, 769, 2048 }, { 4, 770, 2048 }, { 5, 771, 2048 }, { 4, 772, 2048 }, { 5, 773, 2048 }, { 5, 774, 2048 }, { 6, 775, 2048 }, 
+   { 4, 776, 2048 }, { 5, 777, 2048 }, { 5, 778, 2048 }, { 6, 779, 2048 }, { 5, 780, 2048 }, { 6, 781, 2048 }, { 6, 782, 2048 }, { 7, 783, 2048 }, 
+   { 4, 784, 2048 }, { 5, 785, 2048 }, { 5, 786, 2048 }, { 6, 787, 2048 }, { 5, 788, 2048 }, { 6, 789, 2048 }, { 6, 790, 2048 }, { 7, 791, 2048 }, 
+   { 5, 792, 2048 }, { 6, 793, 2048 }, { 6, 794, 2048 }, { 7, 795, 2048 }, { 6, 796, 2048 }, { 7, 797, 2048 }, { 7, 798, 2048 }, { 8, 799, 2048 }, 
+   { 4, 800, 2048 }, { 5, 801, 2048 }, { 5, 802, 2048 }, { 6, 803, 2048 }, { 5, 804, 2048 }, { 6, 805, 2048 }, { 6, 806, 2048 }, { 7, 807, 2048 }, 
+   { 5, 808, 2048 }, { 6, 809, 2048 }, { 6, 810, 2048 }, { 7, 811, 2048 }, { 6, 812, 2048 }, { 7, 813, 2048 }, { 7, 814, 2048 }, { 8, 815, 2048 }, 
+   { 5, 816, 2048 }, { 6, 817, 2048 }, { 6, 818, 2048 }, { 7, 819, 2048 }, { 6, 820, 2048 }, { 7, 821, 2048 }, { 7, 822, 2048 }, { 8, 823, 2048 }, 
+   { 6, 824, 2048 }, { 7, 825, 2048 }, { 7, 826, 2048 }, { 8, 827, 2048 }, { 7, 828, 2048 }, { 8, 829, 2048 }, { 8, 830, 2048 }, { 9, 831, 2048 }, 
+   { 4, 832, 2048 }, { 5, 833, 2048 }, { 5, 834, 2048 }, { 6, 835, 2048 }, { 5, 836, 2048 }, { 6, 837, 2048 }, { 6, 838, 2048 }, { 7, 839, 2048 }, 
+   { 5, 840, 2048 }, { 6, 841, 2048 }, { 6, 842, 2048 }, { 7, 843, 2048 }, { 6, 844, 2048 }, { 7, 845, 2048 }, { 7, 846, 2048 }, { 8, 847, 2048 }, 
+   { 5, 848, 2048 }, { 6, 849, 2048 }, { 6, 850, 2048 }, { 7, 851, 2048 }, { 6, 852, 2048 }, { 7, 853, 2048 }, { 7, 854, 2048 }, { 8, 855, 2048 }, 
+   { 6, 856, 2048 }, { 7, 857, 2048 }, { 7, 858, 2048 }, { 8, 859, 2048 }, { 7, 860, 2048 }, { 8, 861, 2048 }, { 8, 862, 2048 }, { 9, 863, 2048 }, 
+   { 5, 864, 2048 }, { 6, 865, 2048 }, { 6, 866, 2048 }, { 7, 867, 2048 }, { 6, 868, 2048 }, { 7, 869, 2048 }, { 7, 870, 2048 }, { 8, 871, 2048 }, 
+   { 6, 872, 2048 }, { 7, 873, 2048 }, { 7, 874, 2048 }, { 8, 875, 2048 }, { 7, 876, 2048 }, { 8, 877, 2048 }, { 8, 878, 2048 }, { 9, 879, 2048 }, 
+   { 6, 880, 2048 }, { 7, 881, 2048 }, { 7, 882, 2048 }, { 8, 883, 2048 }, { 7, 884, 2048 }, { 8, 885, 2048 }, { 8, 886, 2048 }, { 9, 887, 2048 }, 
+   { 7, 888, 2048 }, { 8, 889, 2048 }, { 8, 890, 2048 }, { 9, 891, 2048 }, { 8, 892, 2048 }, { 9, 893, 2048 }, { 9, 894, 2048 }, { 10, 895, 2048 }, 
+   { 4, 896, 2048 }, { 5, 897, 2048 }, { 5, 898, 2048 }, { 6, 899, 2048 }, { 5, 900, 2048 }, { 6, 901, 2048 }, { 6, 902, 2048 }, { 7, 903, 2048 }, 
+   { 5, 904, 2048 }, { 6, 905, 2048 }, { 6, 906, 2048 }, { 7, 907, 2048 }, { 6, 908, 2048 }, { 7, 909, 2048 }, { 7, 910, 2048 }, { 8, 911, 2048 }, 
+   { 5, 912, 2048 }, { 6, 913, 2048 }, { 6, 914, 2048 }, { 7, 915, 2048 }, { 6, 916, 2048 }, { 7, 917, 2048 }, { 7, 918, 2048 }, { 8, 919, 2048 }, 
+   { 6, 920, 2048 }, { 7, 921, 2048 }, { 7, 922, 2048 }, { 8, 923, 2048 }, { 7, 924, 2048 }, { 8, 925, 2048 }, { 8, 926, 2048 }, { 9, 927, 2048 }, 
+   { 5, 928, 2048 }, { 6, 929, 2048 }, { 6, 930, 2048 }, { 7, 931, 2048 }, { 6, 932, 2048 }, { 7, 933, 2048 }, { 7, 934, 2048 }, { 8, 935, 2048 }, 
+   { 6, 936, 2048 }, { 7, 937, 2048 }, { 7, 938, 2048 }, { 8, 939, 2048 }, { 7, 940, 2048 }, { 8, 941, 2048 }, { 8, 942, 2048 }, { 9, 943, 2048 }, 
+   { 6, 944, 2048 }, { 7, 945, 2048 }, { 7, 946, 2048 }, { 8, 947, 2048 }, { 7, 948, 2048 }, { 8, 949, 2048 }, { 8, 950, 2048 }, { 9, 951, 2048 }, 
+   { 7, 952, 2048 }, { 8, 953, 2048 }, { 8, 954, 2048 }, { 9, 955, 2048 }, { 8, 956, 2048 }, { 9, 957, 2048 }, { 9, 958, 2048 }, { 10, 959, 2048 }, 
+   { 5, 960, 2048 }, { 6, 961, 2048 }, { 6, 962, 2048 }, { 7, 963, 2048 }, { 6, 964, 2048 }, { 7, 965, 2048 }, { 7, 966, 2048 }, { 8, 967, 2048 }, 
+   { 6, 968, 2048 }, { 7, 969, 2048 }, { 7, 970, 2048 }, { 8, 971, 2048 }, { 7, 972, 2048 }, { 8, 973, 2048 }, { 8, 974, 2048 }, { 9, 975, 2048 }, 
+   { 6, 976, 2048 }, { 7, 977, 2048 }, { 7, 978, 2048 }, { 8, 979, 2048 }, { 7, 980, 2048 }, { 8, 981, 2048 }, { 8, 982, 2048 }, { 9, 983, 2048 }, 
+   { 7, 984, 2048 }, { 8, 985, 2048 }, { 8, 986, 2048 }, { 9, 987, 2048 }, { 8, 988, 2048 }, { 9, 989, 2048 }, { 9, 990, 2048 }, { 10, 991, 2048 }, 
+   { 6, 992, 2048 }, { 7, 993, 2048 }, { 7, 994, 2048 }, { 8, 995, 2048 }, { 7, 996, 2048 }, { 8, 997, 2048 }, { 8, 998, 2048 }, { 9, 999, 2048 }, 
+   { 7, 1000, 2048 }, { 8, 1001, 2048 }, { 8, 1002, 2048 }, { 9, 1003, 2048 }, { 8, 1004, 2048 }, { 9, 1005, 2048 }, { 9, 1006, 2048 }, { 10, 1007, 2048 }, 
+   { 7, 1008, 2048 }, { 8, 1009, 2048 }, { 8, 1010, 2048 }, { 9, 1011, 2048 }, { 8, 1012, 2048 }, { 9, 1013, 2048 }, { 9, 1014, 2048 }, { 10, 1015, 2048 }, 
+   { 8, 1016, 2048 }, { 9, 1017, 2048 }, { 9, 1018, 2048 }, { 10, 1019, 2048 }, { 9, 1020, 2048 }, { 10, 1021, 2048 }, { 10, 1022, 2048 }, { 11, 1023, 2048 }, 
+   { 2, 1024, 2048 }, { 3, 1025, 2048 }, { 3, 1026, 2048 }, { 4, 1027, 2048 }, { 3, 1028, 2048 }, { 4, 1029, 2048 }, { 4, 1030, 2048 }, { 5, 1031, 2048 }, 
+   { 3, 1032, 2048 }, { 4, 1033, 2048 }, { 4, 1034, 2048 }, { 5, 1035, 2048 }, { 4, 1036, 2048 }, { 5, 1037, 2048 }, { 5, 1038, 2048 }, { 6, 1039, 2048 }, 
+   { 3, 1040, 2048 }, { 4, 1041, 2048 }, { 4, 1042, 2048 }, { 5, 1043, 2048 }, { 4, 1044, 2048 }, { 5, 1045, 2048 }, { 5, 1046, 2048 }, { 6, 1047, 2048 }, 
+   { 4, 1048, 2048 }, { 5, 1049, 2048 }, { 5, 1050, 2048 }, { 6, 1051, 2048 }, { 5, 1052, 2048 }, { 6, 1053, 2048 }, { 6, 1054, 2048 }, { 7, 1055, 2048 }, 
+   { 3, 1056, 2048 }, { 4, 1057, 2048 }, { 4, 1058, 2048 }, { 5, 1059, 2048 }, { 4, 1060, 2048 }, { 5, 1061, 2048 }, { 5, 1062, 2048 }, { 6, 1063, 2048 }, 
+   { 4, 1064, 2048 }, { 5, 1065, 2048 }, { 5, 1066, 2048 }, { 6, 1067, 2048 }, { 5, 1068, 2048 }, { 6, 1069, 2048 }, { 6, 1070, 2048 }, { 7, 1071, 2048 }, 
+   { 4, 1072, 2048 }, { 5, 1073, 2048 }, { 5, 1074, 2048 }, { 6, 1075, 2048 }, { 5, 1076, 2048 }, { 6, 1077, 2048 }, { 6, 1078, 2048 }, { 7, 1079, 2048 }, 
+   { 5, 1080, 2048 }, { 6, 1081, 2048 }, { 6, 1082, 2048 }, { 7, 1083, 2048 }, { 6, 1084, 2048 }, { 7, 1085, 2048 }, { 7, 1086, 2048 }, { 8, 1087, 2048 }, 
+   { 3, 1088, 2048 }, { 4, 1089, 2048 }, { 4, 1090, 2048 }, { 5, 1091, 2048 }, { 4, 1092, 2048 }, { 5, 1093, 2048 }, { 5, 1094, 2048 }, { 6, 1095, 2048 }, 
+   { 4, 1096, 2048 }, { 5, 1097, 2048 }, { 5, 1098, 2048 }, { 6, 1099, 2048 }, { 5, 1100, 2048 }, { 6, 1101, 2048 }, { 6, 1102, 2048 }, { 7, 1103, 2048 }, 
+   { 4, 1104, 2048 }, { 5, 1105, 2048 }, { 5, 1106, 2048 }, { 6, 1107, 2048 }, { 5, 1108, 2048 }, { 6, 1109, 2048 }, { 6, 1110, 2048 }, { 7, 1111, 2048 }, 
+   { 5, 1112, 2048 }, { 6, 1113, 2048 }, { 6, 1114, 2048 }, { 7, 1115, 2048 }, { 6, 1116, 2048 }, { 7, 1117, 2048 }, { 7, 1118, 2048 }, { 8, 1119, 2048 }, 
+   { 4, 1120, 2048 }, { 5, 1121, 2048 }, { 5, 1122, 2048 }, { 6, 1123, 2048 }, { 5, 1124, 2048 }, { 6, 1125, 2048 }, { 6, 1126, 2048 }, { 7, 1127, 2048 }, 
+   { 5, 1128, 2048 }, { 6, 1129, 2048 }, { 6, 1130, 2048 }, { 7, 1131, 2048 }, { 6, 1132, 2048 }, { 7, 1133, 2048 }, { 7, 1134, 2048 }, { 8, 1135, 2048 }, 
+   { 5, 1136, 2048 }, { 6, 1137, 2048 }, { 6, 1138, 2048 }, { 7, 1139, 2048 }, { 6, 1140, 2048 }, { 7, 1141, 2048 }, { 7, 1142, 2048 }, { 8, 1143, 2048 }, 
+   { 6, 1144, 2048 }, { 7, 1145, 2048 }, { 7, 1146, 2048 }, { 8, 1147, 2048 }, { 7, 1148, 2048 }, { 8, 1149, 2048 }, { 8, 1150, 2048 }, { 9, 1151, 2048 }, 
+   { 3, 1152, 2048 }, { 4, 1153, 2048 }, { 4, 1154, 2048 }, { 5, 1155, 2048 }, { 4, 1156, 2048 }, { 5, 1157, 2048 }, { 5, 1158, 2048 }, { 6, 1159, 2048 }, 
+   { 4, 1160, 2048 }, { 5, 1161, 2048 }, { 5, 1162, 2048 }, { 6, 1163, 2048 }, { 5, 1164, 2048 }, { 6, 1165, 2048 }, { 6, 1166, 2048 }, { 7, 1167, 2048 }, 
+   { 4, 1168, 2048 }, { 5, 1169, 2048 }, { 5, 1170, 2048 }, { 6, 1171, 2048 }, { 5, 1172, 2048 }, { 6, 1173, 2048 }, { 6, 1174, 2048 }, { 7, 1175, 2048 }, 
+   { 5, 1176, 2048 }, { 6, 1177, 2048 }, { 6, 1178, 2048 }, { 7, 1179, 2048 }, { 6, 1180, 2048 }, { 7, 1181, 2048 }, { 7, 1182, 2048 }, { 8, 1183, 2048 }, 
+   { 4, 1184, 2048 }, { 5, 1185, 2048 }, { 5, 1186, 2048 }, { 6, 1187, 2048 }, { 5, 1188, 2048 }, { 6, 1189, 2048 }, { 6, 1190, 2048 }, { 7, 1191, 2048 }, 
+   { 5, 1192, 2048 }, { 6, 1193, 2048 }, { 6, 1194, 2048 }, { 7, 1195, 2048 }, { 6, 1196, 2048 }, { 7, 1197, 2048 }, { 7, 1198, 2048 }, { 8, 1199, 2048 }, 
+   { 5, 1200, 2048 }, { 6, 1201, 2048 }, { 6, 1202, 2048 }, { 7, 1203, 2048 }, { 6, 1204, 2048 }, { 7, 1205, 2048 }, { 7, 1206, 2048 }, { 8, 1207, 2048 }, 
+   { 6, 1208, 2048 }, { 7, 1209, 2048 }, { 7, 1210, 2048 }, { 8, 1211, 2048 }, { 7, 1212, 2048 }, { 8, 1213, 2048 }, { 8, 1214, 2048 }, { 9, 1215, 2048 }, 
+   { 4, 1216, 2048 }, { 5, 1217, 2048 }, { 5, 1218, 2048 }, { 6, 1219, 2048 }, { 5, 1220, 2048 }, { 6, 1221, 2048 }, { 6, 1222, 2048 }, { 7, 1223, 2048 }, 
+   { 5, 1224, 2048 }, { 6, 1225, 2048 }, { 6, 1226, 2048 }, { 7, 1227, 2048 }, { 6, 1228, 2048 }, { 7, 1229, 2048 }, { 7, 1230, 2048 }, { 8, 1231, 2048 }, 
+   { 5, 1232, 2048 }, { 6, 1233, 2048 }, { 6, 1234, 2048 }, { 7, 1235, 2048 }, { 6, 1236, 2048 }, { 7, 1237, 2048 }, { 7, 1238, 2048 }, { 8, 1239, 2048 }, 
+   { 6, 1240, 2048 }, { 7, 1241, 2048 }, { 7, 1242, 2048 }, { 8, 1243, 2048 }, { 7, 1244, 2048 }, { 8, 1245, 2048 }, { 8, 1246, 2048 }, { 9, 1247, 2048 }, 
+   { 5, 1248, 2048 }, { 6, 1249, 2048 }, { 6, 1250, 2048 }, { 7, 1251, 2048 }, { 6, 1252, 2048 }, { 7, 1253, 2048 }, { 7, 1254, 2048 }, { 8, 1255, 2048 }, 
+   { 6, 1256, 2048 }, { 7, 1257, 2048 }, { 7, 1258, 2048 }, { 8, 1259, 2048 }, { 7, 1260, 2048 }, { 8, 1261, 2048 }, { 8, 1262, 2048 }, { 9, 1263, 2048 }, 
+   { 6, 1264, 2048 }, { 7, 1265, 2048 }, { 7, 1266, 2048 }, { 8, 1267, 2048 }, { 7, 1268, 2048 }, { 8, 1269, 2048 }, { 8, 1270, 2048 }, { 9, 1271, 2048 }, 
+   { 7, 1272, 2048 }, { 8, 1273, 2048 }, { 8, 1274, 2048 }, { 9, 1275, 2048 }, { 8, 1276, 2048 }, { 9, 1277, 2048 }, { 9, 1278, 2048 }, { 10, 1279, 2048 }, 
+   { 3, 1280, 2048 }, { 4, 1281, 2048 }, { 4, 1282, 2048 }, { 5, 1283, 2048 }, { 4, 1284, 2048 }, { 5, 1285, 2048 }, { 5, 1286, 2048 }, { 6, 1287, 2048 }, 
+   { 4, 1288, 2048 }, { 5, 1289, 2048 }, { 5, 1290, 2048 }, { 6, 1291, 2048 }, { 5, 1292, 2048 }, { 6, 1293, 2048 }, { 6, 1294, 2048 }, { 7, 1295, 2048 }, 
+   { 4, 1296, 2048 }, { 5, 1297, 2048 }, { 5, 1298, 2048 }, { 6, 1299, 2048 }, { 5, 1300, 2048 }, { 6, 1301, 2048 }, { 6, 1302, 2048 }, { 7, 1303, 2048 }, 
+   { 5, 1304, 2048 }, { 6, 1305, 2048 }, { 6, 1306, 2048 }, { 7, 1307, 2048 }, { 6, 1308, 2048 }, { 7, 1309, 2048 }, { 7, 1310, 2048 }, { 8, 1311, 2048 }, 
+   { 4, 1312, 2048 }, { 5, 1313, 2048 }, { 5, 1314, 2048 }, { 6, 1315, 2048 }, { 5, 1316, 2048 }, { 6, 1317, 2048 }, { 6, 1318, 2048 }, { 7, 1319, 2048 }, 
+   { 5, 1320, 2048 }, { 6, 1321, 2048 }, { 6, 1322, 2048 }, { 7, 1323, 2048 }, { 6, 1324, 2048 }, { 7, 1325, 2048 }, { 7, 1326, 2048 }, { 8, 1327, 2048 }, 
+   { 5, 1328, 2048 }, { 6, 1329, 2048 }, { 6, 1330, 2048 }, { 7, 1331, 2048 }, { 6, 1332, 2048 }, { 7, 1333, 2048 }, { 7, 1334, 2048 }, { 8, 1335, 2048 }, 
+   { 6, 1336, 2048 }, { 7, 1337, 2048 }, { 7, 1338, 2048 }, { 8, 1339, 2048 }, { 7, 1340, 2048 }, { 8, 1341, 2048 }, { 8, 1342, 2048 }, { 9, 1343, 2048 }, 
+   { 4, 1344, 2048 }, { 5, 1345, 2048 }, { 5, 1346, 2048 }, { 6, 1347, 2048 }, { 5, 1348, 2048 }, { 6, 1349, 2048 }, { 6, 1350, 2048 }, { 7, 1351, 2048 }, 
+   { 5, 1352, 2048 }, { 6, 1353, 2048 }, { 6, 1354, 2048 }, { 7, 1355, 2048 }, { 6, 1356, 2048 }, { 7, 1357, 2048 }, { 7, 1358, 2048 }, { 8, 1359, 2048 }, 
+   { 5, 1360, 2048 }, { 6, 1361, 2048 }, { 6, 1362, 2048 }, { 7, 1363, 2048 }, { 6, 1364, 2048 }, { 7, 1365, 2048 }, { 7, 1366, 2048 }, { 8, 1367, 2048 }, 
+   { 6, 1368, 2048 }, { 7, 1369, 2048 }, { 7, 1370, 2048 }, { 8, 1371, 2048 }, { 7, 1372, 2048 }, { 8, 1373, 2048 }, { 8, 1374, 2048 }, { 9, 1375, 2048 }, 
+   { 5, 1376, 2048 }, { 6, 1377, 2048 }, { 6, 1378, 2048 }, { 7, 1379, 2048 }, { 6, 1380, 2048 }, { 7, 1381, 2048 }, { 7, 1382, 2048 }, { 8, 1383, 2048 }, 
+   { 6, 1384, 2048 }, { 7, 1385, 2048 }, { 7, 1386, 2048 }, { 8, 1387, 2048 }, { 7, 1388, 2048 }, { 8, 1389, 2048 }, { 8, 1390, 2048 }, { 9, 1391, 2048 }, 
+   { 6, 1392, 2048 }, { 7, 1393, 2048 }, { 7, 1394, 2048 }, { 8, 1395, 2048 }, { 7, 1396, 2048 }, { 8, 1397, 2048 }, { 8, 1398, 2048 }, { 9, 1399, 2048 }, 
+   { 7, 1400, 2048 }, { 8, 1401, 2048 }, { 8, 1402, 2048 }, { 9, 1403, 2048 }, { 8, 1404, 2048 }, { 9, 1405, 2048 }, { 9, 1406, 2048 }, { 10, 1407, 2048 }, 
+   { 4, 1408, 2048 }, { 5, 1409, 2048 }, { 5, 1410, 2048 }, { 6, 1411, 2048 }, { 5, 1412, 2048 }, { 6, 1413, 2048 }, { 6, 1414, 2048 }, { 7, 1415, 2048 }, 
+   { 5, 1416, 2048 }, { 6, 1417, 2048 }, { 6, 1418, 2048 }, { 7, 1419, 2048 }, { 6, 1420, 2048 }, { 7, 1421, 2048 }, { 7, 1422, 2048 }, { 8, 1423, 2048 }, 
+   { 5, 1424, 2048 }, { 6, 1425, 2048 }, { 6, 1426, 2048 }, { 7, 1427, 2048 }, { 6, 1428, 2048 }, { 7, 1429, 2048 }, { 7, 1430, 2048 }, { 8, 1431, 2048 }, 
+   { 6, 1432, 2048 }, { 7, 1433, 2048 }, { 7, 1434, 2048 }, { 8, 1435, 2048 }, { 7, 1436, 2048 }, { 8, 1437, 2048 }, { 8, 1438, 2048 }, { 9, 1439, 2048 }, 
+   { 5, 1440, 2048 }, { 6, 1441, 2048 }, { 6, 1442, 2048 }, { 7, 1443, 2048 }, { 6, 1444, 2048 }, { 7, 1445, 2048 }, { 7, 1446, 2048 }, { 8, 1447, 2048 }, 
+   { 6, 1448, 2048 }, { 7, 1449, 2048 }, { 7, 1450, 2048 }, { 8, 1451, 2048 }, { 7, 1452, 2048 }, { 8, 1453, 2048 }, { 8, 1454, 2048 }, { 9, 1455, 2048 }, 
+   { 6, 1456, 2048 }, { 7, 1457, 2048 }, { 7, 1458, 2048 }, { 8, 1459, 2048 }, { 7, 1460, 2048 }, { 8, 1461, 2048 }, { 8, 1462, 2048 }, { 9, 1463, 2048 }, 
+   { 7, 1464, 2048 }, { 8, 1465, 2048 }, { 8, 1466, 2048 }, { 9, 1467, 2048 }, { 8, 1468, 2048 }, { 9, 1469, 2048 }, { 9, 1470, 2048 }, { 10, 1471, 2048 }, 
+   { 5, 1472, 2048 }, { 6, 1473, 2048 }, { 6, 1474, 2048 }, { 7, 1475, 2048 }, { 6, 1476, 2048 }, { 7, 1477, 2048 }, { 7, 1478, 2048 }, { 8, 1479, 2048 }, 
+   { 6, 1480, 2048 }, { 7, 1481, 2048 }, { 7, 1482, 2048 }, { 8, 1483, 2048 }, { 7, 1484, 2048 }, { 8, 1485, 2048 }, { 8, 1486, 2048 }, { 9, 1487, 2048 }, 
+   { 6, 1488, 2048 }, { 7, 1489, 2048 }, { 7, 1490, 2048 }, { 8, 1491, 2048 }, { 7, 1492, 2048 }, { 8, 1493, 2048 }, { 8, 1494, 2048 }, { 9, 1495, 2048 }, 
+   { 7, 1496, 2048 }, { 8, 1497, 2048 }, { 8, 1498, 2048 }, { 9, 1499, 2048 }, { 8, 1500, 2048 }, { 9, 1501, 2048 }, { 9, 1502, 2048 }, { 10, 1503, 2048 }, 
+   { 6, 1504, 2048 }, { 7, 1505, 2048 }, { 7, 1506, 2048 }, { 8, 1507, 2048 }, { 7, 1508, 2048 }, { 8, 1509, 2048 }, { 8, 1510, 2048 }, { 9, 1511, 2048 }, 
+   { 7, 1512, 2048 }, { 8, 1513, 2048 }, { 8, 1514, 2048 }, { 9, 1515, 2048 }, { 8, 1516, 2048 }, { 9, 1517, 2048 }, { 9, 1518, 2048 }, { 10, 1519, 2048 }, 
+   { 7, 1520, 2048 }, { 8, 1521, 2048 }, { 8, 1522, 2048 }, { 9, 1523, 2048 }, { 8, 1524, 2048 }, { 9, 1525, 2048 }, { 9, 1526, 2048 }, { 10, 1527, 2048 }, 
+   { 8, 1528, 2048 }, { 9, 1529, 2048 }, { 9, 1530, 2048 }, { 10, 1531, 2048 }, { 9, 1532, 2048 }, { 10, 1533, 2048 }, { 10, 1534, 2048 }, { 11, 1535, 2048 }, 
+   { 3, 1536, 2048 }, { 4, 1537, 2048 }, { 4, 1538, 2048 }, { 5, 1539, 2048 }, { 4, 1540, 2048 }, { 5, 1541, 2048 }, { 5, 1542, 2048 }, { 6, 1543, 2048 }, 
+   { 4, 1544, 2048 }, { 5, 1545, 2048 }, { 5, 1546, 2048 }, { 6, 1547, 2048 }, { 5, 1548, 2048 }, { 6, 1549, 2048 }, { 6, 1550, 2048 }, { 7, 1551, 2048 }, 
+   { 4, 1552, 2048 }, { 5, 1553, 2048 }, { 5, 1554, 2048 }, { 6, 1555, 2048 }, { 5, 1556, 2048 }, { 6, 1557, 2048 }, { 6, 1558, 2048 }, { 7, 1559, 2048 }, 
+   { 5, 1560, 2048 }, { 6, 1561, 2048 }, { 6, 1562, 2048 }, { 7, 1563, 2048 }, { 6, 1564, 2048 }, { 7, 1565, 2048 }, { 7, 1566, 2048 }, { 8, 1567, 2048 }, 
+   { 4, 1568, 2048 }, { 5, 1569, 2048 }, { 5, 1570, 2048 }, { 6, 1571, 2048 }, { 5, 1572, 2048 }, { 6, 1573, 2048 }, { 6, 1574, 2048 }, { 7, 1575, 2048 }, 
+   { 5, 1576, 2048 }, { 6, 1577, 2048 }, { 6, 1578, 2048 }, { 7, 1579, 2048 }, { 6, 1580, 2048 }, { 7, 1581, 2048 }, { 7, 1582, 2048 }, { 8, 1583, 2048 }, 
+   { 5, 1584, 2048 }, { 6, 1585, 2048 }, { 6, 1586, 2048 }, { 7, 1587, 2048 }, { 6, 1588, 2048 }, { 7, 1589, 2048 }, { 7, 1590, 2048 }, { 8, 1591, 2048 }, 
+   { 6, 1592, 2048 }, { 7, 1593, 2048 }, { 7, 1594, 2048 }, { 8, 1595, 2048 }, { 7, 1596, 2048 }, { 8, 1597, 2048 }, { 8, 1598, 2048 }, { 9, 1599, 2048 }, 
+   { 4, 1600, 2048 }, { 5, 1601, 2048 }, { 5, 1602, 2048 }, { 6, 1603, 2048 }, { 5, 1604, 2048 }, { 6, 1605, 2048 }, { 6, 1606, 2048 }, { 7, 1607, 2048 }, 
+   { 5, 1608, 2048 }, { 6, 1609, 2048 }, { 6, 1610, 2048 }, { 7, 1611, 2048 }, { 6, 1612, 2048 }, { 7, 1613, 2048 }, { 7, 1614, 2048 }, { 8, 1615, 2048 }, 
+   { 5, 1616, 2048 }, { 6, 1617, 2048 }, { 6, 1618, 2048 }, { 7, 1619, 2048 }, { 6, 1620, 2048 }, { 7, 1621, 2048 }, { 7, 1622, 2048 }, { 8, 1623, 2048 }, 
+   { 6, 1624, 2048 }, { 7, 1625, 2048 }, { 7, 1626, 2048 }, { 8, 1627, 2048 }, { 7, 1628, 2048 }, { 8, 1629, 2048 }, { 8, 1630, 2048 }, { 9, 1631, 2048 }, 
+   { 5, 1632, 2048 }, { 6, 1633, 2048 }, { 6, 1634, 2048 }, { 7, 1635, 2048 }, { 6, 1636, 2048 }, { 7, 1637, 2048 }, { 7, 1638, 2048 }, { 8, 1639, 2048 }, 
+   { 6, 1640, 2048 }, { 7, 1641, 2048 }, { 7, 1642, 2048 }, { 8, 1643, 2048 }, { 7, 1644, 2048 }, { 8, 1645, 2048 }, { 8, 1646, 2048 }, { 9, 1647, 2048 }, 
+   { 6, 1648, 2048 }, { 7, 1649, 2048 }, { 7, 1650, 2048 }, { 8, 1651, 2048 }, { 7, 1652, 2048 }, { 8, 1653, 2048 }, { 8, 1654, 2048 }, { 9, 1655, 2048 }, 
+   { 7, 1656, 2048 }, { 8, 1657, 2048 }, { 8, 1658, 2048 }, { 9, 1659, 2048 }, { 8, 1660, 2048 }, { 9, 1661, 2048 }, { 9, 1662, 2048 }, { 10, 1663, 2048 }, 
+   { 4, 1664, 2048 }, { 5, 1665, 2048 }, { 5, 1666, 2048 }, { 6, 1667, 2048 }, { 5, 1668, 2048 }, { 6, 1669, 2048 }, { 6, 1670, 2048 }, { 7, 1671, 2048 }, 
+   { 5, 1672, 2048 }, { 6, 1673, 2048 }, { 6, 1674, 2048 }, { 7, 1675, 2048 }, { 6, 1676, 2048 }, { 7, 1677, 2048 }, { 7, 1678, 2048 }, { 8, 1679, 2048 }, 
+   { 5, 1680, 2048 }, { 6, 1681, 2048 }, { 6, 1682, 2048 }, { 7, 1683, 2048 }, { 6, 1684, 2048 }, { 7, 1685, 2048 }, { 7, 1686, 2048 }, { 8, 1687, 2048 }, 
+   { 6, 1688, 2048 }, { 7, 1689, 2048 }, { 7, 1690, 2048 }, { 8, 1691, 2048 }, { 7, 1692, 2048 }, { 8, 1693, 2048 }, { 8, 1694, 2048 }, { 9, 1695, 2048 }, 
+   { 5, 1696, 2048 }, { 6, 1697, 2048 }, { 6, 1698, 2048 }, { 7, 1699, 2048 }, { 6, 1700, 2048 }, { 7, 1701, 2048 }, { 7, 1702, 2048 }, { 8, 1703, 2048 }, 
+   { 6, 1704, 2048 }, { 7, 1705, 2048 }, { 7, 1706, 2048 }, { 8, 1707, 2048 }, { 7, 1708, 2048 }, { 8, 1709, 2048 }, { 8, 1710, 2048 }, { 9, 1711, 2048 }, 
+   { 6, 1712, 2048 }, { 7, 1713, 2048 }, { 7, 1714, 2048 }, { 8, 1715, 2048 }, { 7, 1716, 2048 }, { 8, 1717, 2048 }, { 8, 1718, 2048 }, { 9, 1719, 2048 }, 
+   { 7, 1720, 2048 }, { 8, 1721, 2048 }, { 8, 1722, 2048 }, { 9, 1723, 2048 }, { 8, 1724, 2048 }, { 9, 1725, 2048 }, { 9, 1726, 2048 }, { 10, 1727, 2048 }, 
+   { 5, 1728, 2048 }, { 6, 1729, 2048 }, { 6, 1730, 2048 }, { 7, 1731, 2048 }, { 6, 1732, 2048 }, { 7, 1733, 2048 }, { 7, 1734, 2048 }, { 8, 1735, 2048 }, 
+   { 6, 1736, 2048 }, { 7, 1737, 2048 }, { 7, 1738, 2048 }, { 8, 1739, 2048 }, { 7, 1740, 2048 }, { 8, 1741, 2048 }, { 8, 1742, 2048 }, { 9, 1743, 2048 }, 
+   { 6, 1744, 2048 }, { 7, 1745, 2048 }, { 7, 1746, 2048 }, { 8, 1747, 2048 }, { 7, 1748, 2048 }, { 8, 1749, 2048 }, { 8, 1750, 2048 }, { 9, 1751, 2048 }, 
+   { 7, 1752, 2048 }, { 8, 1753, 2048 }, { 8, 1754, 2048 }, { 9, 1755, 2048 }, { 8, 1756, 2048 }, { 9, 1757, 2048 }, { 9, 1758, 2048 }, { 10, 1759, 2048 }, 
+   { 6, 1760, 2048 }, { 7, 1761, 2048 }, { 7, 1762, 2048 }, { 8, 1763, 2048 }, { 7, 1764, 2048 }, { 8, 1765, 2048 }, { 8, 1766, 2048 }, { 9, 1767, 2048 }, 
+   { 7, 1768, 2048 }, { 8, 1769, 2048 }, { 8, 1770, 2048 }, { 9, 1771, 2048 }, { 8, 1772, 2048 }, { 9, 1773, 2048 }, { 9, 1774, 2048 }, { 10, 1775, 2048 }, 
+   { 7, 1776, 2048 }, { 8, 1777, 2048 }, { 8, 1778, 2048 }, { 9, 1779, 2048 }, { 8, 1780, 2048 }, { 9, 1781, 2048 }, { 9, 1782, 2048 }, { 10, 1783, 2048 }, 
+   { 8, 1784, 2048 }, { 9, 1785, 2048 }, { 9, 1786, 2048 }, { 10, 1787, 2048 }, { 9, 1788, 2048 }, { 10, 1789, 2048 }, { 10, 1790, 2048 }, { 11, 1791, 2048 }, 
+   { 4, 1792, 2048 }, { 5, 1793, 2048 }, { 5, 1794, 2048 }, { 6, 1795, 2048 }, { 5, 1796, 2048 }, { 6, 1797, 2048 }, { 6, 1798, 2048 }, { 7, 1799, 2048 }, 
+   { 5, 1800, 2048 }, { 6, 1801, 2048 }, { 6, 1802, 2048 }, { 7, 1803, 2048 }, { 6, 1804, 2048 }, { 7, 1805, 2048 }, { 7, 1806, 2048 }, { 8, 1807, 2048 }, 
+   { 5, 1808, 2048 }, { 6, 1809, 2048 }, { 6, 1810, 2048 }, { 7, 1811, 2048 }, { 6, 1812, 2048 }, { 7, 1813, 2048 }, { 7, 1814, 2048 }, { 8, 1815, 2048 }, 
+   { 6, 1816, 2048 }, { 7, 1817, 2048 }, { 7, 1818, 2048 }, { 8, 1819, 2048 }, { 7, 1820, 2048 }, { 8, 1821, 2048 }, { 8, 1822, 2048 }, { 9, 1823, 2048 }, 
+   { 5, 1824, 2048 }, { 6, 1825, 2048 }, { 6, 1826, 2048 }, { 7, 1827, 2048 }, { 6, 1828, 2048 }, { 7, 1829, 2048 }, { 7, 1830, 2048 }, { 8, 1831, 2048 }, 
+   { 6, 1832, 2048 }, { 7, 1833, 2048 }, { 7, 1834, 2048 }, { 8, 1835, 2048 }, { 7, 1836, 2048 }, { 8, 1837, 2048 }, { 8, 1838, 2048 }, { 9, 1839, 2048 }, 
+   { 6, 1840, 2048 }, { 7, 1841, 2048 }, { 7, 1842, 2048 }, { 8, 1843, 2048 }, { 7, 1844, 2048 }, { 8, 1845, 2048 }, { 8, 1846, 2048 }, { 9, 1847, 2048 }, 
+   { 7, 1848, 2048 }, { 8, 1849, 2048 }, { 8, 1850, 2048 }, { 9, 1851, 2048 }, { 8, 1852, 2048 }, { 9, 1853, 2048 }, { 9, 1854, 2048 }, { 10, 1855, 2048 }, 
+   { 5, 1856, 2048 }, { 6, 1857, 2048 }, { 6, 1858, 2048 }, { 7, 1859, 2048 }, { 6, 1860, 2048 }, { 7, 1861, 2048 }, { 7, 1862, 2048 }, { 8, 1863, 2048 }, 
+   { 6, 1864, 2048 }, { 7, 1865, 2048 }, { 7, 1866, 2048 }, { 8, 1867, 2048 }, { 7, 1868, 2048 }, { 8, 1869, 2048 }, { 8, 1870, 2048 }, { 9, 1871, 2048 }, 
+   { 6, 1872, 2048 }, { 7, 1873, 2048 }, { 7, 1874, 2048 }, { 8, 1875, 2048 }, { 7, 1876, 2048 }, { 8, 1877, 2048 }, { 8, 1878, 2048 }, { 9, 1879, 2048 }, 
+   { 7, 1880, 2048 }, { 8, 1881, 2048 }, { 8, 1882, 2048 }, { 9, 1883, 2048 }, { 8, 1884, 2048 }, { 9, 1885, 2048 }, { 9, 1886, 2048 }, { 10, 1887, 2048 }, 
+   { 6, 1888, 2048 }, { 7, 1889, 2048 }, { 7, 1890, 2048 }, { 8, 1891, 2048 }, { 7, 1892, 2048 }, { 8, 1893, 2048 }, { 8, 1894, 2048 }, { 9, 1895, 2048 }, 
+   { 7, 1896, 2048 }, { 8, 1897, 2048 }, { 8, 1898, 2048 }, { 9, 1899, 2048 }, { 8, 1900, 2048 }, { 9, 1901, 2048 }, { 9, 1902, 2048 }, { 10, 1903, 2048 }, 
+   { 7, 1904, 2048 }, { 8, 1905, 2048 }, { 8, 1906, 2048 }, { 9, 1907, 2048 }, { 8, 1908, 2048 }, { 9, 1909, 2048 }, { 9, 1910, 2048 }, { 10, 1911, 2048 }, 
+   { 8, 1912, 2048 }, { 9, 1913, 2048 }, { 9, 1914, 2048 }, { 10, 1915, 2048 }, { 9, 1916, 2048 }, { 10, 1917, 2048 }, { 10, 1918, 2048 }, { 11, 1919, 2048 }, 
+   { 5, 1920, 2048 }, { 6, 1921, 2048 }, { 6, 1922, 2048 }, { 7, 1923, 2048 }, { 6, 1924, 2048 }, { 7, 1925, 2048 }, { 7, 1926, 2048 }, { 8, 1927, 2048 }, 
+   { 6, 1928, 2048 }, { 7, 1929, 2048 }, { 7, 1930, 2048 }, { 8, 1931, 2048 }, { 7, 1932, 2048 }, { 8, 1933, 2048 }, { 8, 1934, 2048 }, { 9, 1935, 2048 }, 
+   { 6, 1936, 2048 }, { 7, 1937, 2048 }, { 7, 1938, 2048 }, { 8, 1939, 2048 }, { 7, 1940, 2048 }, { 8, 1941, 2048 }, { 8, 1942, 2048 }, { 9, 1943, 2048 }, 
+   { 7, 1944, 2048 }, { 8, 1945, 2048 }, { 8, 1946, 2048 }, { 9, 1947, 2048 }, { 8, 1948, 2048 }, { 9, 1949, 2048 }, { 9, 1950, 2048 }, { 10, 1951, 2048 }, 
+   { 6, 1952, 2048 }, { 7, 1953, 2048 }, { 7, 1954, 2048 }, { 8, 1955, 2048 }, { 7, 1956, 2048 }, { 8, 1957, 2048 }, { 8, 1958, 2048 }, { 9, 1959, 2048 }, 
+   { 7, 1960, 2048 }, { 8, 1961, 2048 }, { 8, 1962, 2048 }, { 9, 1963, 2048 }, { 8, 1964, 2048 }, { 9, 1965, 2048 }, { 9, 1966, 2048 }, { 10, 1967, 2048 }, 
+   { 7, 1968, 2048 }, { 8, 1969, 2048 }, { 8, 1970, 2048 }, { 9, 1971, 2048 }, { 8, 1972, 2048 }, { 9, 1973, 2048 }, { 9, 1974, 2048 }, { 10, 1975, 2048 }, 
+   { 8, 1976, 2048 }, { 9, 1977, 2048 }, { 9, 1978, 2048 }, { 10, 1979, 2048 }, { 9, 1980, 2048 }, { 10, 1981, 2048 }, { 10, 1982, 2048 }, { 11, 1983, 2048 }, 
+   { 6, 1984, 2048 }, { 7, 1985, 2048 }, { 7, 1986, 2048 }, { 8, 1987, 2048 }, { 7, 1988, 2048 }, { 8, 1989, 2048 }, { 8, 1990, 2048 }, { 9, 1991, 2048 }, 
+   { 7, 1992, 2048 }, { 8, 1993, 2048 }, { 8, 1994, 2048 }, { 9, 1995, 2048 }, { 8, 1996, 2048 }, { 9, 1997, 2048 }, { 9, 1998, 2048 }, { 10, 1999, 2048 }, 
+   { 7, 2000, 2048 }, { 8, 2001, 2048 }, { 8, 2002, 2048 }, { 9, 2003, 2048 }, { 8, 2004, 2048 }, { 9, 2005, 2048 }, { 9, 2006, 2048 }, { 10, 2007, 2048 }, 
+   { 8, 2008, 2048 }, { 9, 2009, 2048 }, { 9, 2010, 2048 }, { 10, 2011, 2048 }, { 9, 2012, 2048 }, { 10, 2013, 2048 }, { 10, 2014, 2048 }, { 11, 2015, 2048 }, 
+   { 7, 2016, 2048 }, { 8, 2017, 2048 }, { 8, 2018, 2048 }, { 9, 2019, 2048 }, { 8, 2020, 2048 }, { 9, 2021, 2048 }, { 9, 2022, 2048 }, { 10, 2023, 2048 }, 
+   { 8, 2024, 2048 }, { 9, 2025, 2048 }, { 9, 2026, 2048 }, { 10, 2027, 2048 }, { 9, 2028, 2048 }, { 10, 2029, 2048 }, { 10, 2030, 2048 }, { 11, 2031, 2048 }, 
+   { 8, 2032, 2048 }, { 9, 2033, 2048 }, { 9, 2034, 2048 }, { 10, 2035, 2048 }, { 9, 2036, 2048 }, { 10, 2037, 2048 }, { 10, 2038, 2048 }, { 11, 2039, 2048 }, 
+   { 9, 2040, 2048 }, { 10, 2041, 2048 }, { 10, 2042, 2048 }, { 11, 2043, 2048 }, { 10, 2044, 2048 }, { 11, 2045, 2048 }, { 11, 2046, 2048 }, { 12, 2047, 2048 }, 
+#endif
+#endif
+#endif
+#endif
+#endif
+#endif
+};
+
+/* find a hole and free as required */
+static int find_hole(void)
+{
+   unsigned x;
+   int      y, z;
+   for (z = 0, y = INT_MAX, x = 0; x < FP_ENTRIES; x++) {
+       if (fp_cache[x].lru_count < y) {
+          z = x;
+          y = fp_cache[x].lru_count;
+       }
+   }
+
+   /* decrease all */
+   for (x = 0; x < FP_ENTRIES; x++) {
+      if (fp_cache[x].lru_count > 3) {
+         --(fp_cache[x].lru_count);
+      }
+   }
+
+   /* free entry z */
+   if (fp_cache[z].g) {
+      if (fp_cache[z].mu != NULL) {
+         mp_clear(fp_cache[z].mu);
+         fp_cache[z].mu = NULL;
+      }
+      ltc_ecc_del_point(fp_cache[z].g);
+      fp_cache[z].g  = NULL;
+      for (x = 0; x < (1U<<FP_LUT); x++) {
+         ltc_ecc_del_point(fp_cache[z].LUT[x]);
+         fp_cache[z].LUT[x] = NULL;
+      }
+      fp_cache[z].lru_count = 0;
+   }
+   return z;
+}
+
+/* determine if a base is already in the cache and if so, where */
+static int find_base(ecc_point *g)
+{
+   int x;
+   for (x = 0; x < FP_ENTRIES; x++) {
+      if (fp_cache[x].g != NULL && 
+          mp_cmp(fp_cache[x].g->x, g->x) == LTC_MP_EQ && 
+          mp_cmp(fp_cache[x].g->y, g->y) == LTC_MP_EQ && 
+          mp_cmp(fp_cache[x].g->z, g->z) == LTC_MP_EQ) {
+         break;
+      }
+   }
+   if (x == FP_ENTRIES) {
+      x = -1;
+   }
+   return x;
+}
+
+/* add a new base to the cache */
+static int add_entry(int idx, ecc_point *g)
+{
+   unsigned x, y;
+
+   /* allocate base and LUT */
+   fp_cache[idx].g = ltc_ecc_new_point();
+   if (fp_cache[idx].g == NULL) {
+      return CRYPT_MEM;
+   }
+
+   /* copy x and y */
+   if ((mp_copy(g->x, fp_cache[idx].g->x) != CRYPT_OK) ||
+       (mp_copy(g->y, fp_cache[idx].g->y) != CRYPT_OK) ||
+       (mp_copy(g->z, fp_cache[idx].g->z) != CRYPT_OK)) {
+      ltc_ecc_del_point(fp_cache[idx].g);
+      fp_cache[idx].g = NULL;
+      return CRYPT_MEM;
+   }              
+
+   for (x = 0; x < (1U<<FP_LUT); x++) {
+      fp_cache[idx].LUT[x] = ltc_ecc_new_point();
+      if (fp_cache[idx].LUT[x] == NULL) {
+         for (y = 0; y < x; y++) {
+            ltc_ecc_del_point(fp_cache[idx].LUT[y]);
+            fp_cache[idx].LUT[y] = NULL;
+         }
+         ltc_ecc_del_point(fp_cache[idx].g);
+         fp_cache[idx].g         = NULL;
+         fp_cache[idx].lru_count = 0;
+         return CRYPT_MEM;
+      }
+   }
+   
+   fp_cache[idx].lru_count = 0;
+   return CRYPT_OK;
+}
+
+/* build the LUT by spacing the bits of the input by #modulus/FP_LUT bits apart 
+ * 
+ * The algorithm builds patterns in increasing bit order by first making all 
+ * single bit input patterns, then all two bit input patterns and so on
+ */
+static int build_lut(int idx, void *modulus, void *mp, void *mu)
+{ 
+   unsigned x, y, err, bitlen, lut_gap;
+   void    *tmp;
+
+   tmp = NULL;
+
+   /* sanity check to make sure lut_order table is of correct size, should compile out to a NOP if true */
+   if ((sizeof(lut_orders) / sizeof(lut_orders[0])) < (1U<<FP_LUT)) {
+       err = CRYPT_INVALID_ARG;
+       goto DONE;
+   }       
+
+   /* get bitlen and round up to next multiple of FP_LUT */
+   bitlen  = mp_unsigned_bin_size(modulus) << 3;
+   x       = bitlen % FP_LUT;
+   if (x) {
+      bitlen += FP_LUT - x;
+   }  
+   lut_gap = bitlen / FP_LUT;
+
+   /* init the mu */
+   if ((err = mp_init_copy(&fp_cache[idx].mu, mu)) != CRYPT_OK) {
+      goto ERR;
+   }
+   
+   /* copy base */
+   if ((mp_mulmod(fp_cache[idx].g->x, mu, modulus, fp_cache[idx].LUT[1]->x) != CRYPT_OK) || 
+       (mp_mulmod(fp_cache[idx].g->y, mu, modulus, fp_cache[idx].LUT[1]->y) != CRYPT_OK) || 
+       (mp_mulmod(fp_cache[idx].g->z, mu, modulus, fp_cache[idx].LUT[1]->z) != CRYPT_OK))        { goto ERR; }
+       
+   /* make all single bit entries */
+   for (x = 1; x < FP_LUT; x++) {
+      if ((mp_copy(fp_cache[idx].LUT[1<<(x-1)]->x, fp_cache[idx].LUT[1<<x]->x) != CRYPT_OK) || 
+          (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->y, fp_cache[idx].LUT[1<<x]->y) != CRYPT_OK) || 
+          (mp_copy(fp_cache[idx].LUT[1<<(x-1)]->z, fp_cache[idx].LUT[1<<x]->z) != CRYPT_OK))     { goto ERR; }
+          
+      /* now double it bitlen/FP_LUT times */
+      for (y = 0; y < lut_gap; y++) {
+          if ((err = ltc_mp.ecc_ptdbl(fp_cache[idx].LUT[1<<x], fp_cache[idx].LUT[1<<x], modulus, mp)) != CRYPT_OK) {
+             goto ERR;
+          }
+      }          
+   }
+      
+   /* now make all entries in increase order of hamming weight */
+   for (x = 2; x <= FP_LUT; x++) {
+       for (y = 0; y < (1UL<<FP_LUT); y++) {
+           if (lut_orders[y].ham != (int)x) continue;
+                     
+           /* perform the add */
+           if ((err = ltc_mp.ecc_ptadd(fp_cache[idx].LUT[lut_orders[y].terma], fp_cache[idx].LUT[lut_orders[y].termb], 
+                                       fp_cache[idx].LUT[y], modulus, mp)) != CRYPT_OK) {
+              goto ERR;
+           }
+       }
+   }
+      
+   /* now map all entries back to affine space to make point addition faster */
+   if ((err = mp_init(&tmp)) != CRYPT_OK)                                                                    { goto ERR; }
+   for (x = 1; x < (1UL<<FP_LUT); x++) {
+       /* convert z to normal from montgomery */
+       if ((err = mp_montgomery_reduce(fp_cache[idx].LUT[x]->z, modulus, mp)) != CRYPT_OK)                   { goto ERR; }
+ 
+       /* invert it */
+       if ((err = mp_invmod(fp_cache[idx].LUT[x]->z, modulus, fp_cache[idx].LUT[x]->z)) != CRYPT_OK)         { goto ERR; }
+
+       /* now square it */
+       if ((err = mp_sqrmod(fp_cache[idx].LUT[x]->z, modulus, tmp)) != CRYPT_OK)                             { goto ERR; }
+       
+       /* fix x */
+       if ((err = mp_mulmod(fp_cache[idx].LUT[x]->x, tmp, modulus, fp_cache[idx].LUT[x]->x)) != CRYPT_OK)    { goto ERR; }
+
+       /* get 1/z^3 */
+       if ((err = mp_mulmod(tmp, fp_cache[idx].LUT[x]->z, modulus, tmp)) != CRYPT_OK)                        { goto ERR; }
+
+       /* fix y */
+       if ((err = mp_mulmod(fp_cache[idx].LUT[x]->y, tmp, modulus, fp_cache[idx].LUT[x]->y)) != CRYPT_OK)    { goto ERR; }
+
+       /* free z */
+       mp_clear(fp_cache[idx].LUT[x]->z);
+       fp_cache[idx].LUT[x]->z = NULL;
+   }
+   mp_clear(tmp);
+
+   return CRYPT_OK;                                                                       
+ERR:
+   err = CRYPT_MEM;
+DONE:   
+   for (y = 0; y < (1U<<FP_LUT); y++) {
+      ltc_ecc_del_point(fp_cache[idx].LUT[y]);
+      fp_cache[idx].LUT[y] = NULL;
+   }
+   ltc_ecc_del_point(fp_cache[idx].g);
+   fp_cache[idx].g         = NULL;
+   fp_cache[idx].lru_count = 0;
+   if (fp_cache[idx].mu != NULL) {
+      mp_clear(fp_cache[idx].mu);
+      fp_cache[idx].mu = NULL;
+   }
+   if (tmp != NULL) {
+      mp_clear(tmp);
+   }
+   return err;
+}
+
+/* perform a fixed point ECC mulmod */
+static int accel_fp_mul(int idx, void *k, ecc_point *R, void *modulus, void *mp, int map)
+{
+   unsigned char kb[128];
+   int      x;
+   unsigned y, z, err, bitlen, bitpos, lut_gap, first;
+   void     *tk, *order;
+
+   /* if it's smaller than modulus we fine */
+   if (mp_unsigned_bin_size(k) > mp_unsigned_bin_size(modulus)) {
+      /* find order */
+      y = mp_unsigned_bin_size(modulus);
+      for (x = 0; ltc_ecc_sets[x].size; x++) {
+         if (y <= (unsigned)ltc_ecc_sets[x].size) break;
+      }
+   
+      /* back off if we are on the 521 bit curve */
+      if (y == 66) --x;
+      
+      if ((err = mp_init(&order)) != CRYPT_OK) {
+         return err;
+      }      
+      if ((err = mp_read_radix(order, ltc_ecc_sets[x].order, 16)) != CRYPT_OK) {
+         mp_clear(&order);
+         return err;
+      }
+
+      /* k must be less than modulus */
+      if (mp_cmp(k, order) != LTC_MP_LT) {
+         if ((err = mp_init(&tk)) != CRYPT_OK) {
+            mp_clear(order);
+            return err;
+         }
+         if ((err = mp_mod(k, order, tk)) != CRYPT_OK) {
+            mp_clear(tk);
+            mp_clear(order);
+            return err;
+         }
+      } else {
+         tk = k;
+      }
+      mp_clear(order);
+   } else {
+       tk = k;
+   }       
+   
+   /* get bitlen and round up to next multiple of FP_LUT */
+   bitlen  = mp_unsigned_bin_size(modulus) << 3;
+   x       = bitlen % FP_LUT;
+   if (x) {
+      bitlen += FP_LUT - x;
+   }  
+   lut_gap = bitlen / FP_LUT;
+        
+   /* get the k value */
+   if (mp_unsigned_bin_size(tk) > (sizeof(kb) - 2)) {
+      if (tk != k) {
+         mp_clear(tk);
+      }         
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+   
+   /* store k */
+   zeromem(kb, sizeof(kb));
+   if ((err = mp_to_unsigned_bin(tk, kb)) != CRYPT_OK) {
+      if (tk != k) {
+         mp_clear(tk);
+      }         
+      return err;
+   }
+   
+   /* let's reverse kb so it's little endian */
+   x = 0;
+   y = mp_unsigned_bin_size(tk) - 1;
+   if (tk != k) {
+      mp_clear(tk);
+   }         
+   while ((unsigned)x < y) {
+      z = kb[x]; kb[x] = kb[y]; kb[y] = z;
+      ++x; --y;
+   }      
+   
+   /* at this point we can start, yipee */
+   first = 1;
+   for (x = lut_gap-1; x >= 0; x--) {
+       /* extract FP_LUT bits from kb spread out by lut_gap bits and offset by x bits from the start */
+       bitpos = x;
+       for (y = z = 0; y < FP_LUT; y++) {
+          z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y;
+          bitpos += lut_gap;                               /* it's y*lut_gap + x, but here we can avoid the mult in each loop */
+       }
+              
+       /* double if not first */
+       if (!first) {
+          if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) {
+             return err;
+          }
+       }
+       
+       /* add if not first, otherwise copy */          
+       if (!first && z) {
+          if ((err = ltc_mp.ecc_ptadd(R, fp_cache[idx].LUT[z], R, modulus, mp)) != CRYPT_OK) {
+             return err;
+          }
+       } else if (z) {
+          if ((mp_copy(fp_cache[idx].LUT[z]->x, R->x) != CRYPT_OK) || 
+              (mp_copy(fp_cache[idx].LUT[z]->y, R->y) != CRYPT_OK) || 
+              (mp_copy(fp_cache[idx].mu,        R->z) != CRYPT_OK)) { return CRYPT_MEM; }
+              first = 0;              
+       }
+   }     
+   z = 0;
+   zeromem(kb, sizeof(kb));
+   /* map R back from projective space */
+   if (map) {
+      err = ltc_ecc_map(R, modulus, mp);
+   } else {
+      err = CRYPT_OK;
+   }
+   return err;
+}
+
+#ifdef LTC_ECC_SHAMIR
+/* perform a fixed point ECC mulmod */
+static int accel_fp_mul2add(int idx1, int idx2, 
+                            void *kA, void *kB,
+                            ecc_point *R, void *modulus, void *mp)
+{
+   unsigned char kb[2][128];
+   int      x;
+   unsigned y, z, err, bitlen, bitpos, lut_gap, first, zA, zB;
+   void     *tka, *tkb, *order;
+
+   /* if it's smaller than modulus we fine */
+   if (mp_unsigned_bin_size(kA) > mp_unsigned_bin_size(modulus)) {
+      /* find order */
+      y = mp_unsigned_bin_size(modulus);
+      for (x = 0; ltc_ecc_sets[x].size; x++) {
+         if (y <= (unsigned)ltc_ecc_sets[x].size) break;
+      }
+   
+      /* back off if we are on the 521 bit curve */
+      if (y == 66) --x;
+      
+      if ((err = mp_init(&order)) != CRYPT_OK) {
+         return err;
+      }      
+      if ((err = mp_read_radix(order, ltc_ecc_sets[x].order, 16)) != CRYPT_OK) {
+         mp_clear(&order);
+         return err;
+      }
+
+      /* kA must be less than modulus */
+      if (mp_cmp(kA, order) != LTC_MP_LT) {
+         if ((err = mp_init(&tka)) != CRYPT_OK) {
+            mp_clear(order);
+            return err;
+         }
+         if ((err = mp_mod(kA, order, tka)) != CRYPT_OK) {
+            mp_clear(tka);
+            mp_clear(order);
+            return err;
+         }
+      } else {
+         tka = kA;
+      }
+      mp_clear(order);
+   } else {
+      tka = kA;
+   }       
+
+   /* if it's smaller than modulus we fine */
+   if (mp_unsigned_bin_size(kB) > mp_unsigned_bin_size(modulus)) {
+      /* find order */
+      y = mp_unsigned_bin_size(modulus);
+      for (x = 0; ltc_ecc_sets[x].size; x++) {
+         if (y <= (unsigned)ltc_ecc_sets[x].size) break;
+      }
+   
+      /* back off if we are on the 521 bit curve */
+      if (y == 66) --x;
+      
+      if ((err = mp_init(&order)) != CRYPT_OK) {
+         return err;
+      }      
+      if ((err = mp_read_radix(order, ltc_ecc_sets[x].order, 16)) != CRYPT_OK) {
+         mp_clear(&order);
+         return err;
+      }
+
+      /* kB must be less than modulus */
+      if (mp_cmp(kB, order) != LTC_MP_LT) {
+         if ((err = mp_init(&tkb)) != CRYPT_OK) {
+            mp_clear(order);
+            return err;
+         }
+         if ((err = mp_mod(kB, order, tkb)) != CRYPT_OK) {
+            mp_clear(tkb);
+            mp_clear(order);
+            return err;
+         }
+      } else {
+         tkb = kB;
+      }
+      mp_clear(order);
+   } else {
+      tkb = kB;
+   }     
+
+   /* get bitlen and round up to next multiple of FP_LUT */
+   bitlen  = mp_unsigned_bin_size(modulus) << 3;
+   x       = bitlen % FP_LUT;
+   if (x) {
+      bitlen += FP_LUT - x;
+   }  
+   lut_gap = bitlen / FP_LUT;
+        
+   /* get the k value */
+   if ((mp_unsigned_bin_size(tka) > (sizeof(kb[0]) - 2)) || (mp_unsigned_bin_size(tkb) > (sizeof(kb[0]) - 2))  ) {
+      if (tka != kA) {
+         mp_clear(tka);
+      }         
+      if (tkb != kB) {
+         mp_clear(tkb);
+      }         
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+   
+   /* store k */
+   zeromem(kb, sizeof(kb));
+   if ((err = mp_to_unsigned_bin(tka, kb[0])) != CRYPT_OK) {
+      if (tka != kA) {
+         mp_clear(tka);
+      }         
+      if (tkb != kB) {
+         mp_clear(tkb);
+      }         
+      return err;
+   }
+   
+   /* let's reverse kb so it's little endian */
+   x = 0;
+   y = mp_unsigned_bin_size(tka) - 1;
+   if (tka != kA) {
+      mp_clear(tka);
+   }         
+   while ((unsigned)x < y) {
+      z = kb[0][x]; kb[0][x] = kb[0][y]; kb[0][y] = z;
+      ++x; --y;
+   }      
+   
+   /* store b */
+   if ((err = mp_to_unsigned_bin(tkb, kb[1])) != CRYPT_OK) {
+      if (tkb != kB) {
+         mp_clear(tkb);
+      }         
+      return err;
+   }
+
+   x = 0;
+   y = mp_unsigned_bin_size(tkb) - 1;
+   if (tkb != kB) {
+      mp_clear(tkb);
+   }         
+   while ((unsigned)x < y) {
+      z = kb[1][x]; kb[1][x] = kb[1][y]; kb[1][y] = z;
+      ++x; --y;
+   }      
+
+   /* at this point we can start, yipee */
+   first = 1;
+   for (x = lut_gap-1; x >= 0; x--) {
+       /* extract FP_LUT bits from kb spread out by lut_gap bits and offset by x bits from the start */
+       bitpos = x;
+       for (y = zA = zB = 0; y < FP_LUT; y++) {
+          zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y;
+          zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y;
+          bitpos += lut_gap;                               /* it's y*lut_gap + x, but here we can avoid the mult in each loop */
+       }
+              
+       /* double if not first */
+       if (!first) {
+          if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK) {
+             return err;
+          }
+       }
+       
+       /* add if not first, otherwise copy */          
+       if (!first) {
+          if (zA) {
+             if ((err = ltc_mp.ecc_ptadd(R, fp_cache[idx1].LUT[zA], R, modulus, mp)) != CRYPT_OK) {
+                return err;
+             }
+          }
+          if (zB) {
+             if ((err = ltc_mp.ecc_ptadd(R, fp_cache[idx2].LUT[zB], R, modulus, mp)) != CRYPT_OK) {
+                return err;
+             }
+          }
+       } else {
+          if (zA) {
+              if ((mp_copy(fp_cache[idx1].LUT[zA]->x, R->x) != CRYPT_OK) || 
+                 (mp_copy(fp_cache[idx1].LUT[zA]->y, R->y) != CRYPT_OK) || 
+                 (mp_copy(fp_cache[idx1].mu,        R->z) != CRYPT_OK)) { return CRYPT_MEM; }
+                 first = 0;              
+          }
+          if (zB && first == 0) {
+             if (zB) {
+                if ((err = ltc_mp.ecc_ptadd(R, fp_cache[idx2].LUT[zB], R, modulus, mp)) != CRYPT_OK) {
+                   return err;
+                }
+             }
+          } else if (zB && first == 1) {
+              if ((mp_copy(fp_cache[idx2].LUT[zB]->x, R->x) != CRYPT_OK) || 
+                 (mp_copy(fp_cache[idx2].LUT[zB]->y, R->y) != CRYPT_OK) || 
+                 (mp_copy(fp_cache[idx2].mu,        R->z) != CRYPT_OK)) { return CRYPT_MEM; }
+                 first = 0;              
+          }
+       }
+   }     
+   zeromem(kb, sizeof(kb));
+   return ltc_ecc_map(R, modulus, mp);
+}
+
+/** ECC Fixed Point mulmod global
+    @param k        The multiplicand
+    @param G        Base point to multiply
+    @param R        [out] Destination of product
+    @param modulus  The modulus for the curve
+    @param map      [boolean] If non-zero maps the point back to affine co-ordinates, otherwise it's left in jacobian-montgomery form
+    @return CRYPT_OK if successful
+*/   
+int ltc_ecc_fp_mul2add(ecc_point *A, void *kA,
+                       ecc_point *B, void *kB,
+                       ecc_point *C, void *modulus)
+{
+   int  idx1, idx2, err;
+   void *mp, *mu;
+   
+   mp = NULL;
+   mu = NULL;
+   LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
+      /* find point */
+      idx1 = find_base(A);
+
+      /* no entry? */
+      if (idx1 == -1) {
+         /* find hole and add it */
+         idx1 = find_hole();
+
+         if ((err = add_entry(idx1, A)) != CRYPT_OK) {
+            goto LBL_ERR;
+         }
+      }
+
+      /* increment LRU */
+      ++(fp_cache[idx1].lru_count);
+ 
+      /* find point */
+      idx2 = find_base(B);
+
+      /* no entry? */
+      if (idx2 == -1) {
+         /* find hole and add it */
+         idx2 = find_hole();
+
+         if ((err = add_entry(idx2, B)) != CRYPT_OK) {
+            goto LBL_ERR;
+         }
+      }
+
+      /* increment LRU */
+      ++(fp_cache[idx2].lru_count);
+
+      /* if it's 2 build the LUT, if it's higher just use the LUT */
+      if (fp_cache[idx1].lru_count == 2) {
+         /* compute mp */
+         if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
+
+         /* compute mu */
+         if ((err = mp_init(&mu)) != CRYPT_OK) {
+             goto LBL_ERR;
+         }
+         if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
+            goto LBL_ERR;
+         }            
+                 
+         /* build the LUT */
+         if ((err = build_lut(idx1, modulus, mp, mu)) != CRYPT_OK) {
+             goto LBL_ERR;;
+         }  
+      }
+
+      /* if it's 2 build the LUT, if it's higher just use the LUT */
+      if (fp_cache[idx2].lru_count == 2) {
+         if (mp == NULL) {
+            /* compute mp */
+            if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
+
+            /* compute mu */
+            if ((err = mp_init(&mu)) != CRYPT_OK) {
+                goto LBL_ERR;
+            }
+            if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
+               goto LBL_ERR;
+            }            
+         }
+                 
+         /* build the LUT */
+         if ((err = build_lut(idx2, modulus, mp, mu)) != CRYPT_OK) {
+             goto LBL_ERR;;
+         }  
+      }
+
+
+      if (fp_cache[idx1].lru_count >= 2 && fp_cache[idx2].lru_count >= 2) {
+         if (mp == NULL) {
+            /* compute mp */
+            if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
+         }
+         err = accel_fp_mul2add(idx1, idx2, kA, kB, C, modulus, mp);
+      } else {
+         err = ltc_ecc_mul2add(A, kA, B, kB, C, modulus);
+      }
+LBL_ERR:
+    LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
+    if (mp != NULL) {
+       mp_montgomery_free(mp);
+    }       
+    if (mu != NULL) {
+       mp_clear(mu);
+    }       
+    return err;
+}
+#endif
+
+/** ECC Fixed Point mulmod global
+    @param k        The multiplicand
+    @param G        Base point to multiply
+    @param R        [out] Destination of product
+    @param modulus  The modulus for the curve
+    @param map      [boolean] If non-zero maps the point back to affine co-ordinates, otherwise it's left in jacobian-montgomery form
+    @return CRYPT_OK if successful
+*/   
+int ltc_ecc_fp_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
+{
+   int   idx, err;
+   void *mp, *mu;
+   
+   mp = NULL;
+   mu = NULL;
+   LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
+      /* find point */
+      idx = find_base(G);
+
+      /* no entry? */
+      if (idx == -1) {
+         /* find hole and add it */
+         idx = find_hole();
+
+         if ((err = add_entry(idx, G)) != CRYPT_OK) {
+            goto LBL_ERR;
+         }
+      }
+
+      /* increment LRU */
+      ++(fp_cache[idx].lru_count);
+ 
+      /* if it's 2 build the LUT, if it's higher just use the LUT */
+      if (fp_cache[idx].lru_count == 2) {
+         /* compute mp */
+         if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
+
+         /* compute mu */
+         if ((err = mp_init(&mu)) != CRYPT_OK) {
+             goto LBL_ERR;
+         }
+         if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
+            goto LBL_ERR;
+         }            
+                 
+         /* build the LUT */
+         if ((err = build_lut(idx, modulus, mp, mu)) != CRYPT_OK) {
+             goto LBL_ERR;;
+         }  
+      }
+
+      if (fp_cache[idx].lru_count >= 2) {
+         if (mp == NULL) {
+            /* compute mp */
+            if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) { goto LBL_ERR; }
+         }
+         err = accel_fp_mul(idx, k, R, modulus, mp, map);
+      } else {
+         err = ltc_ecc_mulmod(k, G, R, modulus, map);
+      }
+LBL_ERR:
+    LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
+    if (mp != NULL) {
+       mp_montgomery_free(mp);
+    }       
+    if (mu != NULL) {
+       mp_clear(mu);
+    }       
+    return err;
+}
+
+/** Free the Fixed Point tables */
+void ltc_ecc_fp_free(void)
+{
+   unsigned x, y;
+   LTC_MUTEX_LOCK(&ltc_ecc_fp_lock);
+   for (x = 0; x < FP_ENTRIES; x++) {
+      if (fp_cache[x].g != NULL) {
+         for (y = 0; y < (1U<<FP_LUT); y++) {
+            ltc_ecc_del_point(fp_cache[x].LUT[y]);
+            fp_cache[x].LUT[y] = NULL;
+         }
+         ltc_ecc_del_point(fp_cache[x].g);
+         fp_cache[x].g         = NULL;
+         if (fp_cache[x].mu != NULL) {
+            mp_clear(fp_cache[x].mu);
+            fp_cache[x].mu     = NULL;
+         }
+         fp_cache[x].lru_count = 0;
+      }         
+   }
+   LTC_MUTEX_UNLOCK(&ltc_ecc_fp_lock);
+}         
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/math/fp/ltc_ecc_fp_mulmod.c,v $ */
+/* $Revision: 1.27 $ */
+/* $Date: 2006/12/03 00:39:56 $ */
+
diff --git a/libtomcrypt/src/math/gmp_desc.c b/libtomcrypt/src/math/gmp_desc.c
new file mode 100644
index 0000000..66c279e
--- /dev/null
+++ b/libtomcrypt/src/math/gmp_desc.c
@@ -0,0 +1,478 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+#define DESC_DEF_ONLY
+#include "tomcrypt.h"
+
+#ifdef GMP_DESC
+
+#include <stdio.h>
+#include <gmp.h>
+
+static int init(void **a)
+{ 
+   LTC_ARGCHK(a != NULL);
+
+   *a = XCALLOC(1, sizeof(__mpz_struct));
+   if (*a == NULL) {
+      return CRYPT_MEM;
+   }
+   mpz_init(((__mpz_struct *)*a));
+   return CRYPT_OK;
+}
+
+static void deinit(void *a)
+{
+   LTC_ARGCHKVD(a != NULL);
+   mpz_clear(a);
+   XFREE(a);
+}
+
+static int neg(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_neg(b, a);
+   return CRYPT_OK;
+}
+
+static int copy(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_set(b, a);
+   return CRYPT_OK;
+}
+
+static int init_copy(void **a, void *b)
+{
+   if (init(a) != CRYPT_OK) {
+      return CRYPT_MEM;
+   }
+   return copy(b, *a);
+}
+
+/* ---- trivial ---- */
+static int set_int(void *a, unsigned long b)
+{
+   LTC_ARGCHK(a != NULL);
+   mpz_set_ui(((__mpz_struct *)a), b);
+   return CRYPT_OK;
+}
+
+static unsigned long get_int(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return mpz_get_ui(a);
+}
+
+static unsigned long get_digit(void *a, int n)
+{
+   LTC_ARGCHK(a != NULL);
+   return mpz_getlimbn(a, n);
+}
+
+static int get_digit_count(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return mpz_size(a);
+}
+   
+static int compare(void *a, void *b)
+{
+   int ret;
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   ret = mpz_cmp(a, b);
+   if (ret < 0) {
+      return LTC_MP_LT;
+   } else if (ret > 0) {
+      return LTC_MP_GT;
+   } else {
+      return LTC_MP_EQ;
+   }
+}
+
+static int compare_d(void *a, unsigned long b)
+{
+   int ret;
+   LTC_ARGCHK(a != NULL);
+   ret = mpz_cmp_ui(((__mpz_struct *)a), b);
+   if (ret < 0) {
+      return LTC_MP_LT;
+   } else if (ret > 0) {
+      return LTC_MP_GT;
+   } else {
+      return LTC_MP_EQ;
+   }
+}
+
+static int count_bits(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return mpz_sizeinbase(a, 2);
+}
+
+static int count_lsb_bits(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return mpz_scan1(a, 0);
+}
+
+
+static int twoexpt(void *a, int n)
+{
+   LTC_ARGCHK(a != NULL);
+   mpz_set_ui(a, 0);
+   mpz_setbit(a, n);
+   return CRYPT_OK;
+}
+
+/* ---- conversions ---- */
+
+/* read ascii string */
+static int read_radix(void *a, const char *b, int radix)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_set_str(a, b, radix);
+   return CRYPT_OK;
+}
+
+/* write one */
+static int write_radix(void *a, char *b, int radix)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_get_str(b, radix, a);
+   return CRYPT_OK;
+}
+
+/* get size as unsigned char string */
+static unsigned long unsigned_size(void *a)
+{
+   unsigned long t;
+   LTC_ARGCHK(a != NULL);
+   t = mpz_sizeinbase(a, 2);
+   if (mpz_cmp_ui(((__mpz_struct *)a), 0) == 0) return 0;
+   return (t>>3) + ((t&7)?1:0);
+}
+
+/* store */
+static int unsigned_write(void *a, unsigned char *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_export(b, NULL, 1, 1, 1, 0, ((__mpz_struct*)a));
+   return CRYPT_OK;
+}
+
+/* read */
+static int unsigned_read(void *a, unsigned char *b, unsigned long len)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_import(a, len, 1, 1, 1, 0, b);
+   return CRYPT_OK;
+}
+
+/* add */
+static int add(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_add(c, a, b);
+   return CRYPT_OK;
+}
+  
+static int addi(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_add_ui(c, a, b);
+   return CRYPT_OK;
+}
+
+/* sub */
+static int sub(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_sub(c, a, b);
+   return CRYPT_OK;
+}
+
+static int subi(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_sub_ui(c, a, b);
+   return CRYPT_OK;
+}
+
+/* mul */
+static int mul(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_mul(c, a, b);
+   return CRYPT_OK;
+}
+
+static int muli(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_mul_ui(c, a, b);
+   return CRYPT_OK;
+}
+
+/* sqr */
+static int sqr(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_mul(b, a, a);
+   return CRYPT_OK;
+}
+
+/* div */
+static int divide(void *a, void *b, void *c, void *d)
+{
+   mpz_t tmp;
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   if (c != NULL) {
+      mpz_init(tmp);
+      mpz_divexact(tmp, a, b);
+   }
+   if (d != NULL) {
+      mpz_mod(d, a, b);
+   }
+   if (c != NULL) {
+      mpz_set(c, tmp);
+      mpz_clear(tmp);
+   }
+   return CRYPT_OK;
+}
+
+static int div_2(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_divexact_ui(b, a, 2);
+   return CRYPT_OK;
+}
+
+/* modi */
+static int modi(void *a, unsigned long b, unsigned long *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   
+   *c = mpz_fdiv_ui(a, b);
+   return CRYPT_OK;
+}  
+
+/* gcd */
+static int gcd(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_gcd(c, a, b);
+   return CRYPT_OK;
+}
+
+/* lcm */
+static int lcm(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_lcm(c, a, b);
+   return CRYPT_OK;
+}
+
+static int mulmod(void *a, void *b, void *c, void *d)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   LTC_ARGCHK(d != NULL);
+   mpz_mul(d, a, b);
+   mpz_mod(d, d, c);
+   return CRYPT_OK;
+}
+
+static int sqrmod(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_mul(c, a, a);
+   mpz_mod(c, c, b);
+   return CRYPT_OK;
+}
+
+/* invmod */
+static int invmod(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_invert(c, a, b);
+   return CRYPT_OK;
+}
+
+/* setup */
+static int montgomery_setup(void *a, void **b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   *b = (void *)1;
+   return CRYPT_OK;
+}
+
+/* get normalization value */
+static int montgomery_normalization(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   mpz_set_ui(a, 1);
+   return CRYPT_OK;
+}
+
+/* reduce */
+static int montgomery_reduce(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   mpz_mod(a, a, b);
+   return CRYPT_OK;
+}
+
+/* clean up */
+static void montgomery_deinit(void *a)
+{
+}
+
+static int exptmod(void *a, void *b, void *c, void *d)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   LTC_ARGCHK(d != NULL);
+   mpz_powm(d, a, b, c);
+   return CRYPT_OK;
+}   
+
+static int isprime(void *a, int *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   *b = mpz_probab_prime_p(a, 8) > 0 ? LTC_MP_YES : LTC_MP_NO;
+   return CRYPT_OK;
+}
+
+const ltc_math_descriptor gmp_desc = {
+   "GNU MP",
+   sizeof(mp_limb_t) * CHAR_BIT - GMP_NAIL_BITS,
+
+   &init,
+   &init_copy,
+   &deinit,
+
+   &neg,
+   &copy,
+
+   &set_int,
+   &get_int,
+   &get_digit,
+   &get_digit_count,
+   &compare,
+   &compare_d,
+   &count_bits,
+   &count_lsb_bits,
+   &twoexpt,
+
+   &read_radix,
+   &write_radix,
+   &unsigned_size,
+   &unsigned_write,
+   &unsigned_read,
+
+   &add,
+   &addi,
+   &sub,
+   &subi,
+   &mul,
+   &muli,
+   &sqr,
+   &divide,
+   &div_2,
+   &modi,
+   &gcd,
+   &lcm,
+
+   &mulmod,
+   &sqrmod,
+   &invmod,
+
+   &montgomery_setup,
+   &montgomery_normalization,
+   &montgomery_reduce,
+   &montgomery_deinit,
+
+   &exptmod,
+   &isprime,
+
+#ifdef MECC
+#ifdef MECC_FP
+   &ltc_ecc_fp_mulmod,
+#else
+   &ltc_ecc_mulmod,
+#endif /* MECC_FP */
+   &ltc_ecc_projective_add_point,
+   &ltc_ecc_projective_dbl_point,
+   &ltc_ecc_map,
+#ifdef LTC_ECC_SHAMIR
+#ifdef MECC_FP
+   &ltc_ecc_fp_mul2add,
+#else
+   &ltc_ecc_mul2add,
+#endif /* MECC_FP */
+#else
+   NULL,
+#endif /* LTC_ECC_SHAMIR */
+#else
+   NULL, NULL, NULL, NULL, NULL
+#endif /* MECC */
+
+#ifdef MRSA
+   &rsa_make_key,
+   &rsa_exptmod,
+#else
+   NULL, NULL
+#endif
+   
+};
+
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/math/gmp_desc.c,v $ */
+/* $Revision: 1.14 $ */
+/* $Date: 2006/12/03 00:39:56 $ */
diff --git a/libtomcrypt/src/math/ltm_desc.c b/libtomcrypt/src/math/ltm_desc.c
new file mode 100644
index 0000000..07fdd5a
--- /dev/null
+++ b/libtomcrypt/src/math/ltm_desc.c
@@ -0,0 +1,483 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+#define DESC_DEF_ONLY
+#include "tomcrypt.h"
+
+#ifdef LTM_DESC
+
+#include <tommath.h>
+
+static const struct {
+    int mpi_code, ltc_code;
+} mpi_to_ltc_codes[] = {
+   { MP_OKAY ,  CRYPT_OK},
+   { MP_MEM  ,  CRYPT_MEM},
+   { MP_VAL  ,  CRYPT_INVALID_ARG},
+};
+
+/**
+   Convert a MPI error to a LTC error (Possibly the most powerful function ever!  Oh wait... no) 
+   @param err    The error to convert
+   @return The equivalent LTC error code or CRYPT_ERROR if none found
+*/
+static int mpi_to_ltc_error(int err)
+{
+   int x;
+
+   for (x = 0; x < (int)(sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0])); x++) {
+       if (err == mpi_to_ltc_codes[x].mpi_code) { 
+          return mpi_to_ltc_codes[x].ltc_code;
+       }
+   }
+   return CRYPT_ERROR;
+}
+
+static int init(void **a)
+{
+   int err;
+
+   LTC_ARGCHK(a != NULL);
+
+   *a = XCALLOC(1, sizeof(mp_int));
+   if (*a == NULL) {
+      return CRYPT_MEM;
+   }
+   
+   if ((err = mpi_to_ltc_error(mp_init(*a))) != CRYPT_OK) {
+      XFREE(*a);
+   }
+   return err;
+}
+
+static void deinit(void *a)
+{
+   LTC_ARGCHKVD(a != NULL);
+   mp_clear(a);
+   XFREE(a);
+}
+
+static int neg(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_neg(a, b));
+}
+
+static int copy(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_copy(a, b));
+}
+
+static int init_copy(void **a, void *b)
+{
+   if (init(a) != CRYPT_OK) {
+      return CRYPT_MEM;
+   }
+   return copy(b, *a);
+}
+
+/* ---- trivial ---- */
+static int set_int(void *a, unsigned long b)
+{
+   LTC_ARGCHK(a != NULL);
+   return mpi_to_ltc_error(mp_set_int(a, b));
+}
+
+static unsigned long get_int(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return mp_get_int(a);
+}
+
+static unsigned long get_digit(void *a, int n)
+{
+   mp_int *A;
+   LTC_ARGCHK(a != NULL);
+   A = a;
+   return (n >= A->used || n < 0) ? 0 : A->dp[n];
+}
+
+static int get_digit_count(void *a)
+{
+   mp_int *A;
+   LTC_ARGCHK(a != NULL);
+   A = a;
+   return A->used;
+}
+   
+static int compare(void *a, void *b)
+{
+   int ret;
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   ret = mp_cmp(a, b);
+   switch (ret) {
+      case MP_LT: return LTC_MP_LT;
+      case MP_EQ: return LTC_MP_EQ;
+      case MP_GT: return LTC_MP_GT;
+   }
+   return 0;
+}
+
+static int compare_d(void *a, unsigned long b)
+{
+   int ret;
+   LTC_ARGCHK(a != NULL);
+   ret = mp_cmp_d(a, b);
+   switch (ret) {
+      case MP_LT: return LTC_MP_LT;
+      case MP_EQ: return LTC_MP_EQ;
+      case MP_GT: return LTC_MP_GT;
+   }
+   return 0;
+}
+
+static int count_bits(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return mp_count_bits(a);
+}
+
+static int count_lsb_bits(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return mp_cnt_lsb(a);
+}
+
+
+static int twoexpt(void *a, int n)
+{
+   LTC_ARGCHK(a != NULL);
+   return mpi_to_ltc_error(mp_2expt(a, n));
+}
+
+/* ---- conversions ---- */
+
+/* read ascii string */
+static int read_radix(void *a, const char *b, int radix)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_read_radix(a, b, radix));
+}
+
+/* write one */
+static int write_radix(void *a, char *b, int radix)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_toradix(a, b, radix));
+}
+
+/* get size as unsigned char string */
+static unsigned long unsigned_size(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return mp_unsigned_bin_size(a);
+}
+
+/* store */
+static int unsigned_write(void *a, unsigned char *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_to_unsigned_bin(a, b));
+}
+
+/* read */
+static int unsigned_read(void *a, unsigned char *b, unsigned long len)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_read_unsigned_bin(a, b, len));
+}
+
+/* add */
+static int add(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_add(a, b, c));
+}
+  
+static int addi(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_add_d(a, b, c));
+}
+
+/* sub */
+static int sub(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_sub(a, b, c));
+}
+
+static int subi(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_sub_d(a, b, c));
+}
+
+/* mul */
+static int mul(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_mul(a, b, c));
+}
+
+static int muli(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_mul_d(a, b, c));
+}
+
+/* sqr */
+static int sqr(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_sqr(a, b));
+}
+
+/* div */
+static int divide(void *a, void *b, void *c, void *d)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_div(a, b, c, d));
+}
+
+static int div_2(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_div_2(a, b));
+}
+
+/* modi */
+static int modi(void *a, unsigned long b, unsigned long *c)
+{
+   mp_digit tmp;
+   int      err;
+
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+
+   if ((err = mpi_to_ltc_error(mp_mod_d(a, b, &tmp))) != CRYPT_OK) {
+      return err;
+   }
+   *c = tmp;
+   return CRYPT_OK;
+}  
+
+/* gcd */
+static int gcd(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_gcd(a, b, c));
+}
+
+/* lcm */
+static int lcm(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_lcm(a, b, c));
+}
+
+static int mulmod(void *a, void *b, void *c, void *d)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   LTC_ARGCHK(d != NULL);
+   return mpi_to_ltc_error(mp_mulmod(a,b,c,d));
+}
+
+static int sqrmod(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_sqrmod(a,b,c));
+}
+
+/* invmod */
+static int invmod(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_invmod(a, b, c));
+}
+
+/* setup */
+static int montgomery_setup(void *a, void **b)
+{
+   int err;
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   *b = XCALLOC(1, sizeof(mp_digit));
+   if (*b == NULL) {
+      return CRYPT_MEM;
+   }
+   if ((err = mpi_to_ltc_error(mp_montgomery_setup(a, (mp_digit *)*b))) != CRYPT_OK) {
+      XFREE(*b);
+   }
+   return err;
+}
+
+/* get normalization value */
+static int montgomery_normalization(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return mpi_to_ltc_error(mp_montgomery_calc_normalization(a, b));
+}
+
+/* reduce */
+static int montgomery_reduce(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return mpi_to_ltc_error(mp_montgomery_reduce(a, b, *((mp_digit *)c)));
+}
+
+/* clean up */
+static void montgomery_deinit(void *a)
+{
+   XFREE(a);
+}
+
+static int exptmod(void *a, void *b, void *c, void *d)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   LTC_ARGCHK(d != NULL);
+   return mpi_to_ltc_error(mp_exptmod(a,b,c,d));
+}   
+
+static int isprime(void *a, int *b)
+{
+   int err;
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   err = mpi_to_ltc_error(mp_prime_is_prime(a, 8, b));
+   *b = (*b == MP_YES) ? LTC_MP_YES : LTC_MP_NO;
+   return err;
+}   
+
+const ltc_math_descriptor ltm_desc = {
+
+   "LibTomMath",
+   (int)DIGIT_BIT,
+
+   &init,
+   &init_copy,
+   &deinit,
+
+   &neg,
+   &copy,
+
+   &set_int,
+   &get_int,
+   &get_digit,
+   &get_digit_count,
+   &compare,
+   &compare_d,
+   &count_bits,
+   &count_lsb_bits,
+   &twoexpt,
+
+   &read_radix,
+   &write_radix,
+   &unsigned_size,
+   &unsigned_write,
+   &unsigned_read,
+
+   &add,
+   &addi,
+   &sub,
+   &subi,
+   &mul,
+   &muli,
+   &sqr,
+   &divide,
+   &div_2,
+   &modi,
+   &gcd,
+   &lcm,
+
+   &mulmod,
+   &sqrmod,
+   &invmod,
+   
+   &montgomery_setup,
+   &montgomery_normalization,
+   &montgomery_reduce,
+   &montgomery_deinit,
+
+   &exptmod,
+   &isprime,
+
+#ifdef MECC
+#ifdef MECC_FP
+   &ltc_ecc_fp_mulmod,
+#else   
+   &ltc_ecc_mulmod,
+#endif
+   &ltc_ecc_projective_add_point,
+   &ltc_ecc_projective_dbl_point,
+   &ltc_ecc_map,
+#ifdef LTC_ECC_SHAMIR
+#ifdef MECC_FP
+   &ltc_ecc_fp_mul2add,
+#else
+   &ltc_ecc_mul2add,
+#endif /* MECC_FP */
+#else
+   NULL,
+#endif /* LTC_ECC_SHAMIR */
+#else
+   NULL, NULL, NULL, NULL, NULL,
+#endif /* MECC */
+
+#ifdef MRSA
+   &rsa_make_key,
+   &rsa_exptmod,
+#else
+   NULL, NULL
+#endif
+};
+
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/math/ltm_desc.c,v $ */
+/* $Revision: 1.29 $ */
+/* $Date: 2006/12/03 00:39:56 $ */
diff --git a/libtomcrypt/src/math/multi.c b/libtomcrypt/src/math/multi.c
new file mode 100644
index 0000000..8ee4d79
--- /dev/null
+++ b/libtomcrypt/src/math/multi.c
@@ -0,0 +1,61 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+#ifdef MPI
+#include <stdarg.h>
+
+int ltc_init_multi(void **a, ...)
+{
+   void    **cur = a;
+   int       np  = 0;
+   va_list   args;
+
+   va_start(args, a);
+   while (cur != NULL) {
+       if (mp_init(cur) != CRYPT_OK) {
+          /* failed */
+          va_list clean_list;
+
+          va_start(clean_list, a);
+          cur = a;
+          while (np--) {
+              mp_clear(*cur);
+              cur = va_arg(clean_list, void**);
+          }
+          va_end(clean_list);
+          return CRYPT_MEM;
+       }
+       ++np;
+       cur = va_arg(args, void**);
+   }
+   va_end(args);
+   return CRYPT_OK;   
+}
+
+void ltc_deinit_multi(void *a, ...)
+{
+   void     *cur = a;
+   va_list   args;
+
+   va_start(args, a);
+   while (cur != NULL) {
+       mp_clear(cur);
+       cur = va_arg(args, void *);
+   }
+   va_end(args);
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/math/multi.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/math/rand_prime.c b/libtomcrypt/src/math/rand_prime.c
new file mode 100644
index 0000000..05477fe
--- /dev/null
+++ b/libtomcrypt/src/math/rand_prime.c
@@ -0,0 +1,87 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file rand_prime.c
+  Generate a random prime, Tom St Denis
+*/  
+
+#define USE_BBS 1
+
+int rand_prime(void *N, long len, prng_state *prng, int wprng)
+{
+   int            err, res, type;
+   unsigned char *buf;
+
+   LTC_ARGCHK(N != NULL);
+
+   /* get type */
+   if (len < 0) {
+      type = USE_BBS;
+      len = -len;
+   } else {
+      type = 0;
+   }
+
+   /* allow sizes between 2 and 512 bytes for a prime size */
+   if (len < 2 || len > 512) { 
+      return CRYPT_INVALID_PRIME_SIZE;
+   }
+   
+   /* valid PRNG? Better be! */
+   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+      return err; 
+   }
+
+   /* allocate buffer to work with */
+   buf = XCALLOC(1, len);
+   if (buf == NULL) {
+       return CRYPT_MEM;
+   }
+
+   do {
+      /* generate value */
+      if (prng_descriptor[wprng].read(buf, len, prng) != (unsigned long)len) {
+         XFREE(buf);
+         return CRYPT_ERROR_READPRNG;
+      }
+
+      /* munge bits */
+      buf[0]     |= 0x80 | 0x40;
+      buf[len-1] |= 0x01 | ((type & USE_BBS) ? 0x02 : 0x00);
+ 
+      /* load value */
+      if ((err = mp_read_unsigned_bin(N, buf, len)) != CRYPT_OK) {
+         XFREE(buf);
+         return err;
+      }
+
+      /* test */
+      if ((err = mp_prime_is_prime(N, 8, &res)) != CRYPT_OK) {
+         XFREE(buf);
+         return err;
+      }
+   } while (res == LTC_MP_NO);
+
+#ifdef LTC_CLEAN_STACK
+   zeromem(buf, len);
+#endif
+
+   XFREE(buf);
+   return CRYPT_OK;
+}
+      
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/math/rand_prime.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/math/tfm_desc.c b/libtomcrypt/src/math/tfm_desc.c
new file mode 100644
index 0000000..023756d
--- /dev/null
+++ b/libtomcrypt/src/math/tfm_desc.c
@@ -0,0 +1,777 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+#define DESC_DEF_ONLY
+#include "tomcrypt.h"
+
+#ifdef TFM_DESC
+
+#include <tfm.h>
+
+static const struct {
+    int tfm_code, ltc_code;
+} tfm_to_ltc_codes[] = {
+   { FP_OKAY ,  CRYPT_OK},
+   { FP_MEM  ,  CRYPT_MEM},
+   { FP_VAL  ,  CRYPT_INVALID_ARG},
+};
+
+/**
+   Convert a tfm error to a LTC error (Possibly the most powerful function ever!  Oh wait... no) 
+   @param err    The error to convert
+   @return The equivalent LTC error code or CRYPT_ERROR if none found
+*/
+static int tfm_to_ltc_error(int err)
+{
+   int x;
+
+   for (x = 0; x < (int)(sizeof(tfm_to_ltc_codes)/sizeof(tfm_to_ltc_codes[0])); x++) {
+       if (err == tfm_to_ltc_codes[x].tfm_code) { 
+          return tfm_to_ltc_codes[x].ltc_code;
+       }
+   }
+   return CRYPT_ERROR;
+}
+
+static int init(void **a)
+{
+   LTC_ARGCHK(a != NULL);
+
+   *a = XCALLOC(1, sizeof(fp_int));
+   if (*a == NULL) {
+      return CRYPT_MEM;
+   }
+   fp_init(*a);
+   return CRYPT_OK;
+}
+
+static void deinit(void *a)
+{
+   LTC_ARGCHKVD(a != NULL);
+   XFREE(a);
+}
+
+static int neg(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   fp_neg(((fp_int*)a), ((fp_int*)b));
+   return CRYPT_OK;
+}
+
+static int copy(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   fp_copy(a, b);
+   return CRYPT_OK;
+}
+
+static int init_copy(void **a, void *b)
+{
+   if (init(a) != CRYPT_OK) {
+      return CRYPT_MEM;
+   }
+   return copy(b, *a);
+}
+
+/* ---- trivial ---- */
+static int set_int(void *a, unsigned long b)
+{
+   LTC_ARGCHK(a != NULL);
+   fp_set(a, b);
+   return CRYPT_OK;
+}
+
+static unsigned long get_int(void *a)
+{
+   fp_int *A;
+   LTC_ARGCHK(a != NULL);
+   A = a;
+   return A->used > 0 ? A->dp[0] : 0;
+}
+
+static unsigned long get_digit(void *a, int n)
+{
+   fp_int *A;
+   LTC_ARGCHK(a != NULL);
+   A = a;
+   return (n >= A->used || n < 0) ? 0 : A->dp[n];
+}
+
+static int get_digit_count(void *a)
+{
+   fp_int *A;
+   LTC_ARGCHK(a != NULL);
+   A = a;
+   return A->used;
+}
+   
+static int compare(void *a, void *b)
+{
+   int ret;
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   ret = fp_cmp(a, b);
+   switch (ret) {
+      case FP_LT: return LTC_MP_LT;
+      case FP_EQ: return LTC_MP_EQ;
+      case FP_GT: return LTC_MP_GT;
+   }
+   return 0;
+}
+
+static int compare_d(void *a, unsigned long b)
+{
+   int ret;
+   LTC_ARGCHK(a != NULL);
+   ret = fp_cmp_d(a, b);
+   switch (ret) {
+      case FP_LT: return LTC_MP_LT;
+      case FP_EQ: return LTC_MP_EQ;
+      case FP_GT: return LTC_MP_GT;
+   }
+   return 0;
+}
+
+static int count_bits(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return fp_count_bits(a);
+}
+
+static int count_lsb_bits(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return fp_cnt_lsb(a);
+}
+
+static int twoexpt(void *a, int n)
+{
+   LTC_ARGCHK(a != NULL);
+   fp_2expt(a, n);
+   return CRYPT_OK;
+}
+
+/* ---- conversions ---- */
+
+/* read ascii string */
+static int read_radix(void *a, const char *b, int radix)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return tfm_to_ltc_error(fp_read_radix(a, (char *)b, radix));
+}
+
+/* write one */
+static int write_radix(void *a, char *b, int radix)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return tfm_to_ltc_error(fp_toradix(a, b, radix));
+}
+
+/* get size as unsigned char string */
+static unsigned long unsigned_size(void *a)
+{
+   LTC_ARGCHK(a != NULL);
+   return fp_unsigned_bin_size(a);
+}
+
+/* store */
+static int unsigned_write(void *a, unsigned char *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   fp_to_unsigned_bin(a, b);
+   return CRYPT_OK;
+}
+
+/* read */
+static int unsigned_read(void *a, unsigned char *b, unsigned long len)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   fp_read_unsigned_bin(a, b, len);
+   return CRYPT_OK;
+}
+
+/* add */
+static int add(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_add(a, b, c);
+   return CRYPT_OK;
+}
+  
+static int addi(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_add_d(a, b, c);
+   return CRYPT_OK;
+}
+
+/* sub */
+static int sub(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_sub(a, b, c);
+   return CRYPT_OK;
+}
+
+static int subi(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_sub_d(a, b, c);
+   return CRYPT_OK;
+}
+
+/* mul */
+static int mul(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_mul(a, b, c); 
+   return CRYPT_OK;
+}
+
+static int muli(void *a, unsigned long b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_mul_d(a, b, c);
+   return CRYPT_OK;
+}
+
+/* sqr */
+static int sqr(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   fp_sqr(a, b);
+   return CRYPT_OK;
+}
+
+/* div */
+static int divide(void *a, void *b, void *c, void *d)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   return tfm_to_ltc_error(fp_div(a, b, c, d));
+}
+
+static int div_2(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   fp_div_2(a, b);
+   return CRYPT_OK;
+}
+
+/* modi */
+static int modi(void *a, unsigned long b, unsigned long *c)
+{
+   fp_digit tmp;
+   int      err;
+
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(c != NULL);
+
+   if ((err = tfm_to_ltc_error(fp_mod_d(a, b, &tmp))) != CRYPT_OK) {
+      return err;
+   }
+   *c = tmp;
+   return CRYPT_OK;
+}  
+
+/* gcd */
+static int gcd(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_gcd(a, b, c);
+   return CRYPT_OK;
+}
+
+/* lcm */
+static int lcm(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_lcm(a, b, c);
+   return CRYPT_OK;
+}
+
+static int mulmod(void *a, void *b, void *c, void *d)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   LTC_ARGCHK(d != NULL);
+   return tfm_to_ltc_error(fp_mulmod(a,b,c,d));
+}
+
+static int sqrmod(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return tfm_to_ltc_error(fp_sqrmod(a,b,c));
+}
+
+/* invmod */
+static int invmod(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   return tfm_to_ltc_error(fp_invmod(a, b, c));
+}
+
+/* setup */
+static int montgomery_setup(void *a, void **b)
+{
+   int err;
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   *b = XCALLOC(1, sizeof(fp_digit));
+   if (*b == NULL) {
+      return CRYPT_MEM;
+   }
+   if ((err = tfm_to_ltc_error(fp_montgomery_setup(a, (fp_digit *)*b))) != CRYPT_OK) {
+      XFREE(*b);
+   }
+   return err;
+}
+
+/* get normalization value */
+static int montgomery_normalization(void *a, void *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   fp_montgomery_calc_normalization(a, b);
+   return CRYPT_OK;
+}
+
+/* reduce */
+static int montgomery_reduce(void *a, void *b, void *c)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   fp_montgomery_reduce(a, b, *((fp_digit *)c));
+   return CRYPT_OK;
+}
+
+/* clean up */
+static void montgomery_deinit(void *a)
+{
+   XFREE(a);
+}
+
+static int exptmod(void *a, void *b, void *c, void *d)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   LTC_ARGCHK(c != NULL);
+   LTC_ARGCHK(d != NULL);
+   return tfm_to_ltc_error(fp_exptmod(a,b,c,d));
+}   
+
+static int isprime(void *a, int *b)
+{
+   LTC_ARGCHK(a != NULL);
+   LTC_ARGCHK(b != NULL);
+   *b = (fp_isprime(a) == FP_YES) ? LTC_MP_YES : LTC_MP_NO;
+   return CRYPT_OK;
+}
+
+#if defined(MECC) && defined(MECC_ACCEL)
+
+static int tfm_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *Mp)
+{
+   fp_int t1, t2;
+   fp_digit mp;
+
+   LTC_ARGCHK(P       != NULL);
+   LTC_ARGCHK(R       != NULL);
+   LTC_ARGCHK(modulus != NULL);
+   LTC_ARGCHK(Mp      != NULL);
+
+   mp = *((fp_digit*)Mp);
+
+   fp_init(&t1);
+   fp_init(&t2);
+
+   if (P != R) {
+      fp_copy(P->x, R->x);
+      fp_copy(P->y, R->y);
+      fp_copy(P->z, R->z);
+   }
+
+   /* t1 = Z * Z */
+   fp_sqr(R->z, &t1);
+   fp_montgomery_reduce(&t1, modulus, mp);
+   /* Z = Y * Z */
+   fp_mul(R->z, R->y, R->z);
+   fp_montgomery_reduce(R->z, modulus, mp);
+   /* Z = 2Z */
+   fp_add(R->z, R->z, R->z);
+   if (fp_cmp(R->z, modulus) != FP_LT) {
+      fp_sub(R->z, modulus, R->z);
+   }
+   
+   /* &t2 = X - T1 */
+   fp_sub(R->x, &t1, &t2);
+   if (fp_cmp_d(&t2, 0) == FP_LT) {
+      fp_add(&t2, modulus, &t2);
+   }
+   /* T1 = X + T1 */
+   fp_add(&t1, R->x, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+   /* T2 = T1 * T2 */
+   fp_mul(&t1, &t2, &t2);
+   fp_montgomery_reduce(&t2, modulus, mp);
+   /* T1 = 2T2 */
+   fp_add(&t2, &t2, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+   /* T1 = T1 + T2 */
+   fp_add(&t1, &t2, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+
+   /* Y = 2Y */
+   fp_add(R->y, R->y, R->y);
+   if (fp_cmp(R->y, modulus) != FP_LT) {
+      fp_sub(R->y, modulus, R->y);
+   }
+   /* Y = Y * Y */
+   fp_sqr(R->y, R->y);
+   fp_montgomery_reduce(R->y, modulus, mp);
+   /* T2 = Y * Y */
+   fp_sqr(R->y, &t2);
+   fp_montgomery_reduce(&t2, modulus, mp);
+   /* T2 = T2/2 */
+   if (fp_isodd(&t2)) {
+      fp_add(&t2, modulus, &t2);
+   }
+   fp_div_2(&t2, &t2);
+   /* Y = Y * X */
+   fp_mul(R->y, R->x, R->y);
+   fp_montgomery_reduce(R->y, modulus, mp);
+
+   /* X  = T1 * T1 */
+   fp_sqr(&t1, R->x);
+   fp_montgomery_reduce(R->x, modulus, mp);
+   /* X = X - Y */
+   fp_sub(R->x, R->y, R->x);
+   if (fp_cmp_d(R->x, 0) == FP_LT) {
+      fp_add(R->x, modulus, R->x);
+   }
+   /* X = X - Y */
+   fp_sub(R->x, R->y, R->x);
+   if (fp_cmp_d(R->x, 0) == FP_LT) {
+      fp_add(R->x, modulus, R->x);
+   }
+
+   /* Y = Y - X */     
+   fp_sub(R->y, R->x, R->y);
+   if (fp_cmp_d(R->y, 0) == FP_LT) {
+      fp_add(R->y, modulus, R->y);
+   }
+   /* Y = Y * T1 */
+   fp_mul(R->y, &t1, R->y);
+   fp_montgomery_reduce(R->y, modulus, mp);
+   /* Y = Y - T2 */
+   fp_sub(R->y, &t2, R->y);
+   if (fp_cmp_d(R->y, 0) == FP_LT) {
+      fp_add(R->y, modulus, R->y);
+   }
+ 
+   return CRYPT_OK;
+}
+
+/**
+   Add two ECC points
+   @param P        The point to add
+   @param Q        The point to add
+   @param R        [out] The destination of the double
+   @param modulus  The modulus of the field the ECC curve is in
+   @param mp       The "b" value from montgomery_setup()
+   @return CRYPT_OK on success
+*/
+static int tfm_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *Mp)
+{
+   fp_int  t1, t2, x, y, z;
+   fp_digit mp;  
+   
+   LTC_ARGCHK(P       != NULL);
+   LTC_ARGCHK(Q       != NULL);
+   LTC_ARGCHK(R       != NULL);
+   LTC_ARGCHK(modulus != NULL);
+   LTC_ARGCHK(Mp      != NULL);
+
+   mp = *((fp_digit*)Mp);
+
+   fp_init(&t1);
+   fp_init(&t2);
+   fp_init(&x);
+   fp_init(&y);
+   fp_init(&z);
+
+   /* should we dbl instead? */
+   fp_sub(modulus, Q->y, &t1);
+   if ( (fp_cmp(P->x, Q->x) == FP_EQ) && 
+        (Q->z != NULL && fp_cmp(P->z, Q->z) == FP_EQ) &&
+        (fp_cmp(P->y, Q->y) == FP_EQ || fp_cmp(P->y, &t1) == FP_EQ)) {
+        return tfm_ecc_projective_dbl_point(P, R, modulus, Mp);
+   }
+
+   fp_copy(P->x, &x);
+   fp_copy(P->y, &y);
+   fp_copy(P->z, &z);
+
+   /* if Z is one then these are no-operations */
+   if (Q->z != NULL) {
+      /* T1 = Z' * Z' */
+      fp_sqr(Q->z, &t1);
+      fp_montgomery_reduce(&t1, modulus, mp);
+      /* X = X * T1 */
+      fp_mul(&t1, &x, &x);
+      fp_montgomery_reduce(&x, modulus, mp);
+      /* T1 = Z' * T1 */
+      fp_mul(Q->z, &t1, &t1);
+      fp_montgomery_reduce(&t1, modulus, mp);
+      /* Y = Y * T1 */
+      fp_mul(&t1, &y, &y);
+      fp_montgomery_reduce(&y, modulus, mp);
+   }
+
+   /* T1 = Z*Z */
+   fp_sqr(&z, &t1);
+   fp_montgomery_reduce(&t1, modulus, mp);
+   /* T2 = X' * T1 */
+   fp_mul(Q->x, &t1, &t2);
+   fp_montgomery_reduce(&t2, modulus, mp);
+   /* T1 = Z * T1 */
+   fp_mul(&z, &t1, &t1);
+   fp_montgomery_reduce(&t1, modulus, mp);
+   /* T1 = Y' * T1 */
+   fp_mul(Q->y, &t1, &t1);
+   fp_montgomery_reduce(&t1, modulus, mp);
+
+   /* Y = Y - T1 */
+   fp_sub(&y, &t1, &y);
+   if (fp_cmp_d(&y, 0) == FP_LT) {
+      fp_add(&y, modulus, &y);
+   }
+   /* T1 = 2T1 */
+   fp_add(&t1, &t1, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+   /* T1 = Y + T1 */
+   fp_add(&t1, &y, &t1);
+   if (fp_cmp(&t1, modulus) != FP_LT) {
+      fp_sub(&t1, modulus, &t1);
+   }
+   /* X = X - T2 */
+   fp_sub(&x, &t2, &x);
+   if (fp_cmp_d(&x, 0) == FP_LT) {
+      fp_add(&x, modulus, &x);
+   }
+   /* T2 = 2T2 */
+   fp_add(&t2, &t2, &t2);
+   if (fp_cmp(&t2, modulus) != FP_LT) {
+      fp_sub(&t2, modulus, &t2);
+   }
+   /* T2 = X + T2 */
+   fp_add(&t2, &x, &t2);
+   if (fp_cmp(&t2, modulus) != FP_LT) {
+      fp_sub(&t2, modulus, &t2);
+   }
+
+   /* if Z' != 1 */
+   if (Q->z != NULL) {
+      /* Z = Z * Z' */
+      fp_mul(&z, Q->z, &z);
+      fp_montgomery_reduce(&z, modulus, mp);
+   }
+
+   /* Z = Z * X */
+   fp_mul(&z, &x, &z);
+   fp_montgomery_reduce(&z, modulus, mp);
+
+   /* T1 = T1 * X  */
+   fp_mul(&t1, &x, &t1);
+   fp_montgomery_reduce(&t1, modulus, mp);
+   /* X = X * X */
+   fp_sqr(&x, &x);
+   fp_montgomery_reduce(&x, modulus, mp);
+   /* T2 = T2 * x */
+   fp_mul(&t2, &x, &t2);
+   fp_montgomery_reduce(&t2, modulus, mp);
+   /* T1 = T1 * X  */
+   fp_mul(&t1, &x, &t1);
+   fp_montgomery_reduce(&t1, modulus, mp);
+ 
+   /* X = Y*Y */
+   fp_sqr(&y, &x);
+   fp_montgomery_reduce(&x, modulus, mp);
+   /* X = X - T2 */
+   fp_sub(&x, &t2, &x);
+   if (fp_cmp_d(&x, 0) == FP_LT) {
+      fp_add(&x, modulus, &x);
+   }
+
+   /* T2 = T2 - X */
+   fp_sub(&t2, &x, &t2);
+   if (fp_cmp_d(&t2, 0) == FP_LT) {
+      fp_add(&t2, modulus, &t2);
+   } 
+   /* T2 = T2 - X */
+   fp_sub(&t2, &x, &t2);
+   if (fp_cmp_d(&t2, 0) == FP_LT) {
+      fp_add(&t2, modulus, &t2);
+   }
+   /* T2 = T2 * Y */
+   fp_mul(&t2, &y, &t2);
+   fp_montgomery_reduce(&t2, modulus, mp);
+   /* Y = T2 - T1 */
+   fp_sub(&t2, &t1, &y);
+   if (fp_cmp_d(&y, 0) == FP_LT) {
+      fp_add(&y, modulus, &y);
+   }
+   /* Y = Y/2 */
+   if (fp_isodd(&y)) {
+      fp_add(&y, modulus, &y);
+   }
+   fp_div_2(&y, &y);
+
+   fp_copy(&x, R->x);
+   fp_copy(&y, R->y);
+   fp_copy(&z, R->z);
+   
+   return CRYPT_OK;
+}
+
+
+#endif
+
+const ltc_math_descriptor tfm_desc = {
+
+   "TomsFastMath",
+   (int)DIGIT_BIT,
+
+   &init,
+   &init_copy,
+   &deinit,
+
+   &neg,
+   &copy,
+
+   &set_int,
+   &get_int,
+   &get_digit,
+   &get_digit_count,
+   &compare,
+   &compare_d,
+   &count_bits,
+   &count_lsb_bits,
+   &twoexpt,
+
+   &read_radix,
+   &write_radix,
+   &unsigned_size,
+   &unsigned_write,
+   &unsigned_read,
+
+   &add,
+   &addi,
+   &sub,
+   &subi,
+   &mul,
+   &muli,
+   &sqr,
+   &divide,
+   &div_2,
+   &modi,
+   &gcd,
+   &lcm,
+
+   &mulmod,
+   &sqrmod,
+   &invmod,
+
+   &montgomery_setup,
+   &montgomery_normalization,
+   &montgomery_reduce,
+   &montgomery_deinit,
+
+   &exptmod,
+   &isprime,
+
+#ifdef MECC
+#ifdef MECC_FP
+   &ltc_ecc_fp_mulmod,
+#else
+   &ltc_ecc_mulmod,
+#endif /* MECC_FP */
+#ifdef MECC_ACCEL
+   &tfm_ecc_projective_add_point,
+   &tfm_ecc_projective_dbl_point,
+#else
+   &ltc_ecc_projective_add_point,
+   &ltc_ecc_projective_dbl_point,
+#endif /* MECC_ACCEL */
+   &ltc_ecc_map,
+#ifdef LTC_ECC_SHAMIR
+#ifdef MECC_FP
+   &ltc_ecc_fp_mul2add,
+#else
+   &ltc_ecc_mul2add,
+#endif /* MECC_FP */
+#else
+   NULL,
+#endif /* LTC_ECC_SHAMIR */
+#else
+   NULL, NULL, NULL, NULL, NULL,
+#endif /* MECC */
+
+#ifdef MRSA
+   &rsa_make_key,
+   &rsa_exptmod,
+#else
+   NULL, NULL
+#endif
+   
+};
+
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/math/tfm_desc.c,v $ */
+/* $Revision: 1.26 $ */
+/* $Date: 2006/12/03 00:39:56 $ */
diff --git a/libtomcrypt/src/misc/base64/base64_decode.c b/libtomcrypt/src/misc/base64/base64_decode.c
index 551add1..6a39baf 100644
--- a/libtomcrypt/src/misc/base64/base64_decode.c
+++ b/libtomcrypt/src/misc/base64/base64_decode.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -100,5 +100,5 @@ int base64_decode(const unsigned char *in,  unsigned long inlen,
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/base64/base64_decode.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/base64/base64_encode.c b/libtomcrypt/src/misc/base64/base64_encode.c
index 5978643..ac4df35 100644
--- a/libtomcrypt/src/misc/base64/base64_encode.c
+++ b/libtomcrypt/src/misc/base64/base64_encode.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -42,6 +42,7 @@ int base64_encode(const unsigned char *in,  unsigned long inlen,
    /* valid output size ? */
    len2 = 4 * ((inlen + 2) / 3);
    if (*outlen < len2 + 1) {
+      *outlen = len2 + 1;
       return CRYPT_BUFFER_OVERFLOW;
    }
    p = out;
@@ -76,5 +77,5 @@ int base64_encode(const unsigned char *in,  unsigned long inlen,
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/base64/base64_encode.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/misc/burn_stack.c b/libtomcrypt/src/misc/burn_stack.c
index 7ac6518..0beee92 100644
--- a/libtomcrypt/src/misc/burn_stack.c
+++ b/libtomcrypt/src/misc/burn_stack.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -30,5 +30,5 @@ void burn_stack(unsigned long len)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/burn_stack.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt.c b/libtomcrypt/src/misc/crypt/crypt.c
index eb75b8d..8603943 100644
--- a/libtomcrypt/src/misc/crypt/crypt.c
+++ b/libtomcrypt/src/misc/crypt/crypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -111,6 +111,12 @@ const char *crypt_build_settings =
    " (tweaked)"
 #endif
    "\n"
+#if defined(KSEED)
+   "   KSEED\n"
+#endif
+#if defined(LTC_KASUMI)
+   "   KASUMI\n"
+#endif
 
     "\nHashes built-in:\n"
 #if defined(SHA512)
@@ -154,35 +160,55 @@ const char *crypt_build_settings =
 #endif
 
     "\nBlock Chaining Modes:\n"
-#if defined(CFB)
+#if defined(LTC_CFB_MODE)
     "   CFB\n"
 #endif
-#if defined(OFB)
+#if defined(LTC_OFB_MODE)
     "   OFB\n"
 #endif
-#if defined(ECB)
+#if defined(LTC_ECB_MODE)
     "   ECB\n"
 #endif
-#if defined(CBC)
+#if defined(LTC_CBC_MODE)
     "   CBC\n"
 #endif
-#if defined(CTR)
-    "   CTR\n"
+#if defined(LTC_CTR_MODE)
+    "   CTR "
+#endif
+#if defined(LTC_CTR_OLD)
+    " (CTR_OLD) "
+#endif
+    "\n"
+#if defined(LRW_MODE)
+    "   LRW_MODE"
+#if defined(LRW_TABLES)
+    " (LRW_TABLES) "
 #endif
+    "\n"
+#endif
+#if defined(LTC_F8_MODE)
+    "   F8 MODE\n"
+#endif    
 
     "\nMACs:\n"
-#if defined(HMAC)
+#if defined(LTC_HMAC)
     "   HMAC\n"
 #endif
-#if defined(OMAC)
+#if defined(LTC_OMAC)
     "   OMAC\n"
 #endif
-#if defined(PMAC)
+#if defined(LTC_PMAC)
     "   PMAC\n"
 #endif
 #if defined(PELICAN)
     "   PELICAN\n"
 #endif
+#if defined(LTC_XCBC)
+    "   XCBC-MAC\n"
+#endif
+#if defined(LTC_F9_MODE)
+    "   F9-MAC\n"
+#endif
 
     "\nENC + AUTH modes:\n"
 #if defined(EAX_MODE)
@@ -202,7 +228,6 @@ const char *crypt_build_settings =
 #endif
    "\n"
 
-
     "\nPRNG:\n"
 #if defined(YARROW)
     "   Yarrow\n"
@@ -224,24 +249,24 @@ const char *crypt_build_settings =
 #if defined(MRSA)
     "   RSA \n"
 #endif
-#if defined(MDH)
-    "   DH\n"
-#endif
 #if defined(MECC)
     "   ECC\n"
 #endif
 #if defined(MDSA)
     "   DSA\n"
 #endif
+#if defined(MKAT)
+    "   Katja\n"
+#endif    
 
     "\nCompiler:\n"
 #if defined(WIN32)
     "   WIN32 platform detected.\n"
 #endif
-#if defined(LBL_CYGWIN__)
+#if defined(__CYGWIN__)
     "   CYGWIN Detected.\n"
 #endif
-#if defined(LBL_DJGPP__)
+#if defined(__DJGPP__)
     "   DJGPP Detected.\n"
 #endif
 #if defined(_MSC_VER)
@@ -253,9 +278,12 @@ const char *crypt_build_settings =
 #if defined(INTEL_CC)
     "   Intel C Compiler detected.\n"
 #endif
-#if defined(LBL_x86_64__)
+#if defined(__x86_64__)
     "   x86-64 detected.\n"
 #endif
+#if defined(LTC_PPC32)
+    "   LTC_PPC32 defined \n"
+#endif    
 
     "\nVarious others: "
 #if defined(BASE64)
@@ -306,6 +334,27 @@ const char *crypt_build_settings =
 #if defined(LTC_PTHREAD)
     " LTC_PTHREAD "
 #endif
+#if defined(LTM_DESC)
+    " LTM_DESC "
+#endif
+#if defined(TFM_DESC)
+    " TFM_DESC "
+#endif
+#if defined(MECC_ACCEL)
+    " MECC_ACCEL "
+#endif
+#if defined(GMP_DESC)
+    " GMP_DESC "
+#endif
+#if defined(LTC_EASY)
+    " (easy) "
+#endif    
+#if defined(MECC_FP)
+   " MECC_FP "
+#endif
+#if defined(LTC_ECC_SHAMIR)
+   " LTC_ECC_SHAMIR "
+#endif
     "\n"
     "\n\n\n"
     ;
@@ -313,5 +362,5 @@ const char *crypt_build_settings =
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.27 $ */
+/* $Date: 2006/12/03 03:50:45 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_argchk.c b/libtomcrypt/src/misc/crypt/crypt_argchk.c
index 699c6cf..c6675ef 100644
--- a/libtomcrypt/src/misc/crypt/crypt_argchk.c
+++ b/libtomcrypt/src/misc/crypt/crypt_argchk.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <signal.h>
@@ -26,5 +26,5 @@ void crypt_argchk(char *v, char *s, int d)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_argchk.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_cipher_descriptor.c b/libtomcrypt/src/misc/crypt/crypt_cipher_descriptor.c
index 127e85c..880c149 100644
--- a/libtomcrypt/src/misc/crypt/crypt_cipher_descriptor.c
+++ b/libtomcrypt/src/misc/crypt/crypt_cipher_descriptor.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,12 +16,12 @@
 */
 
 struct ltc_cipher_descriptor cipher_descriptor[TAB_SIZE] = {
-{ NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
+{ NULL, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
  };
 
-LTC_MUTEX_GLOBAL(ltc_cipher_mutex);
+LTC_MUTEX_GLOBAL(ltc_cipher_mutex)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_cipher_descriptor.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/08 23:01:06 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_cipher_is_valid.c b/libtomcrypt/src/misc/crypt/crypt_cipher_is_valid.c
index 7830303..0f8202b 100644
--- a/libtomcrypt/src/misc/crypt/crypt_cipher_is_valid.c
+++ b/libtomcrypt/src/misc/crypt/crypt_cipher_is_valid.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -32,5 +32,5 @@ int cipher_is_valid(int idx)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_cipher_is_valid.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_find_cipher.c b/libtomcrypt/src/misc/crypt/crypt_find_cipher.c
index e7fba73..27c59eb 100644
--- a/libtomcrypt/src/misc/crypt/crypt_find_cipher.c
+++ b/libtomcrypt/src/misc/crypt/crypt_find_cipher.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -26,7 +26,7 @@ int find_cipher(const char *name)
    LTC_ARGCHK(name != NULL);
    LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if (cipher_descriptor[x].name != NULL && !strcmp(cipher_descriptor[x].name, name)) {
+       if (cipher_descriptor[x].name != NULL && !XSTRCMP(cipher_descriptor[x].name, name)) {
           LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
           return x;
        }
@@ -37,5 +37,5 @@ int find_cipher(const char *name)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_cipher.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/29 23:43:57 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_find_cipher_any.c b/libtomcrypt/src/misc/crypt/crypt_find_cipher_any.c
index 6dd0e6d..393eded 100644
--- a/libtomcrypt/src/misc/crypt/crypt_find_cipher_any.c
+++ b/libtomcrypt/src/misc/crypt/crypt_find_cipher_any.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -46,5 +46,5 @@ int find_cipher_any(const char *name, int blocklen, int keylen)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_cipher_any.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_find_cipher_id.c b/libtomcrypt/src/misc/crypt/crypt_find_cipher_id.c
index 5f5f874..8de73c6 100644
--- a/libtomcrypt/src/misc/crypt/crypt_find_cipher_id.c
+++ b/libtomcrypt/src/misc/crypt/crypt_find_cipher_id.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -36,5 +36,5 @@ int find_cipher_id(unsigned char ID)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_cipher_id.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_find_hash.c b/libtomcrypt/src/misc/crypt/crypt_find_hash.c
index d02a449..cd60413 100644
--- a/libtomcrypt/src/misc/crypt/crypt_find_hash.c
+++ b/libtomcrypt/src/misc/crypt/crypt_find_hash.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -26,7 +26,7 @@ int find_hash(const char *name)
    LTC_ARGCHK(name != NULL);
    LTC_MUTEX_LOCK(&ltc_hash_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if (hash_descriptor[x].name != NULL && strcmp(hash_descriptor[x].name, name) == 0) {
+       if (hash_descriptor[x].name != NULL && XSTRCMP(hash_descriptor[x].name, name) == 0) {
           LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
           return x;
        }
@@ -36,5 +36,5 @@ int find_hash(const char *name)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_hash.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/29 23:43:57 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_find_hash_any.c b/libtomcrypt/src/misc/crypt/crypt_find_hash_any.c
index 1172f22..b2cfccd 100644
--- a/libtomcrypt/src/misc/crypt/crypt_find_hash_any.c
+++ b/libtomcrypt/src/misc/crypt/crypt_find_hash_any.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -45,5 +45,5 @@
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_hash_any.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_find_hash_id.c b/libtomcrypt/src/misc/crypt/crypt_find_hash_id.c
index 8cd0d38..e59ca00 100644
--- a/libtomcrypt/src/misc/crypt/crypt_find_hash_id.c
+++ b/libtomcrypt/src/misc/crypt/crypt_find_hash_id.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -36,5 +36,5 @@ int find_hash_id(unsigned char ID)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_hash_id.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/06/19 18:03:25 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_find_hash_oid.c b/libtomcrypt/src/misc/crypt/crypt_find_hash_oid.c
new file mode 100644
index 0000000..d04f80c
--- /dev/null
+++ b/libtomcrypt/src/misc/crypt/crypt_find_hash_oid.c
@@ -0,0 +1,35 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file crypt_find_hash_oid.c
+  Find a hash, Tom St Denis
+*/
+
+int find_hash_oid(const unsigned long *ID, unsigned long IDlen)
+{
+   int x;
+   LTC_ARGCHK(ID != NULL);
+   LTC_MUTEX_LOCK(&ltc_hash_mutex);
+   for (x = 0; x < TAB_SIZE; x++) {
+       if (hash_descriptor[x].name != NULL && hash_descriptor[x].OIDlen == IDlen && !XMEMCMP(hash_descriptor[x].OID, ID, sizeof(unsigned long) * IDlen)) {
+          LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
+          return x;
+       }
+   }
+   LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
+   return -1;
+}
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_hash_oid.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_find_prng.c b/libtomcrypt/src/misc/crypt/crypt_find_prng.c
index 503813d..4b3bc5a 100644
--- a/libtomcrypt/src/misc/crypt/crypt_find_prng.c
+++ b/libtomcrypt/src/misc/crypt/crypt_find_prng.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -26,7 +26,7 @@ int find_prng(const char *name)
    LTC_ARGCHK(name != NULL);
    LTC_MUTEX_LOCK(&ltc_prng_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if ((prng_descriptor[x].name != NULL) && strcmp(prng_descriptor[x].name, name) == 0) {
+       if ((prng_descriptor[x].name != NULL) && XSTRCMP(prng_descriptor[x].name, name) == 0) {
           LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
           return x;
        }
@@ -37,5 +37,5 @@ int find_prng(const char *name)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_find_prng.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/29 23:43:57 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_fsa.c b/libtomcrypt/src/misc/crypt/crypt_fsa.c
new file mode 100644
index 0000000..a9569b7
--- /dev/null
+++ b/libtomcrypt/src/misc/crypt/crypt_fsa.c
@@ -0,0 +1,59 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+#include <stdarg.h>
+
+/**
+  @file crypt_fsa.c
+  LibTomCrypt FULL SPEED AHEAD!, Tom St Denis
+*/  
+
+/* format is ltc_mp, cipher_desc, [cipher_desc], NULL, hash_desc, [hash_desc], NULL, prng_desc, [prng_desc], NULL */
+int crypt_fsa(void *mp, ...)
+{
+   int      err;
+   va_list  args;
+   void     *p;
+
+   va_start(args, mp);
+   if (mp != NULL) {
+      XMEMCPY(&ltc_mp, mp, sizeof(ltc_mp));
+   }
+   
+   while ((p = va_arg(args, void*)) != NULL) {
+      if ((err = register_cipher(p)) != CRYPT_OK) {
+         va_end(args);
+         return err;
+      }
+   }
+
+   while ((p = va_arg(args, void*)) != NULL) {
+      if ((err = register_hash(p)) != CRYPT_OK) {
+         va_end(args);
+         return err;
+      }
+   }
+
+   while ((p = va_arg(args, void*)) != NULL) {
+      if ((err = register_prng(p)) != CRYPT_OK) {
+         va_end(args);
+         return err;
+      }
+   }
+
+   va_end(args);
+   return CRYPT_OK;   
+}
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_fsa.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/13 23:14:33 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_hash_descriptor.c b/libtomcrypt/src/misc/crypt/crypt_hash_descriptor.c
index f8583d8..5fa59f1 100644
--- a/libtomcrypt/src/misc/crypt/crypt_hash_descriptor.c
+++ b/libtomcrypt/src/misc/crypt/crypt_hash_descriptor.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,12 +16,12 @@
 */
 
 struct ltc_hash_descriptor hash_descriptor[TAB_SIZE] = {
-{ NULL, 0, 0, 0, { 0 }, 0, NULL, NULL, NULL, NULL }
+{ NULL, 0, 0, 0, { 0 }, 0, NULL, NULL, NULL, NULL, NULL }
 };
 
-LTC_MUTEX_GLOBAL(ltc_hash_mutex);
+LTC_MUTEX_GLOBAL(ltc_hash_mutex)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_hash_descriptor.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c b/libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c
index a8130d4..54a91eb 100644
--- a/libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c
+++ b/libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -32,5 +32,5 @@ int hash_is_valid(int idx)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_hash_is_valid.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_ltc_mp_descriptor.c b/libtomcrypt/src/misc/crypt/crypt_ltc_mp_descriptor.c
new file mode 100644
index 0000000..907862f
--- /dev/null
+++ b/libtomcrypt/src/misc/crypt/crypt_ltc_mp_descriptor.c
@@ -0,0 +1,13 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+ltc_math_descriptor ltc_mp;
diff --git a/libtomcrypt/src/misc/crypt/crypt_prng_descriptor.c b/libtomcrypt/src/misc/crypt/crypt_prng_descriptor.c
index 7335f5d..a2b5f0e 100644
--- a/libtomcrypt/src/misc/crypt/crypt_prng_descriptor.c
+++ b/libtomcrypt/src/misc/crypt/crypt_prng_descriptor.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -18,9 +18,9 @@ struct ltc_prng_descriptor prng_descriptor[TAB_SIZE] = {
 { NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
 };
 
-LTC_MUTEX_GLOBAL(ltc_prng_mutex);
+LTC_MUTEX_GLOBAL(ltc_prng_mutex)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_prng_descriptor.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_prng_is_valid.c b/libtomcrypt/src/misc/crypt/crypt_prng_is_valid.c
index a7a7ed6..6af0a3c 100644
--- a/libtomcrypt/src/misc/crypt/crypt_prng_is_valid.c
+++ b/libtomcrypt/src/misc/crypt/crypt_prng_is_valid.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -32,5 +32,5 @@ int prng_is_valid(int idx)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_prng_is_valid.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_register_cipher.c b/libtomcrypt/src/misc/crypt/crypt_register_cipher.c
index c55d7c0..8d74cc5 100644
--- a/libtomcrypt/src/misc/crypt/crypt_register_cipher.c
+++ b/libtomcrypt/src/misc/crypt/crypt_register_cipher.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -50,5 +50,5 @@ int register_cipher(const struct ltc_cipher_descriptor *cipher)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_register_cipher.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_register_hash.c b/libtomcrypt/src/misc/crypt/crypt_register_hash.c
index 0ff521f..45d0e85 100644
--- a/libtomcrypt/src/misc/crypt/crypt_register_hash.c
+++ b/libtomcrypt/src/misc/crypt/crypt_register_hash.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -29,7 +29,7 @@ int register_hash(const struct ltc_hash_descriptor *hash)
    /* is it already registered? */
    LTC_MUTEX_LOCK(&ltc_hash_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if (memcmp(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor)) == 0) {
+       if (XMEMCMP(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor)) == 0) {
           LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
           return x;
        }
@@ -50,5 +50,5 @@ int register_hash(const struct ltc_hash_descriptor *hash)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_register_hash.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_register_prng.c b/libtomcrypt/src/misc/crypt/crypt_register_prng.c
index 5ab4a49..a834c47 100644
--- a/libtomcrypt/src/misc/crypt/crypt_register_prng.c
+++ b/libtomcrypt/src/misc/crypt/crypt_register_prng.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -29,7 +29,7 @@ int register_prng(const struct ltc_prng_descriptor *prng)
    /* is it already registered? */
    LTC_MUTEX_LOCK(&ltc_prng_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if (memcmp(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) == 0) {
+       if (XMEMCMP(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) == 0) {
           LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
           return x;
        }
@@ -50,5 +50,5 @@ int register_prng(const struct ltc_prng_descriptor *prng)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_register_prng.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_unregister_cipher.c b/libtomcrypt/src/misc/crypt/crypt_unregister_cipher.c
index 4081ca8..3cb46c4 100644
--- a/libtomcrypt/src/misc/crypt/crypt_unregister_cipher.c
+++ b/libtomcrypt/src/misc/crypt/crypt_unregister_cipher.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -29,7 +29,7 @@ int unregister_cipher(const struct ltc_cipher_descriptor *cipher)
    /* is it already registered? */
    LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if (memcmp(&cipher_descriptor[x], cipher, sizeof(struct ltc_cipher_descriptor)) == 0) {
+       if (XMEMCMP(&cipher_descriptor[x], cipher, sizeof(struct ltc_cipher_descriptor)) == 0) {
           cipher_descriptor[x].name = NULL;
           cipher_descriptor[x].ID   = 255;
           LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
@@ -41,5 +41,5 @@ int unregister_cipher(const struct ltc_cipher_descriptor *cipher)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_unregister_cipher.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_unregister_hash.c b/libtomcrypt/src/misc/crypt/crypt_unregister_hash.c
index fdd25b2..a87a399 100644
--- a/libtomcrypt/src/misc/crypt/crypt_unregister_hash.c
+++ b/libtomcrypt/src/misc/crypt/crypt_unregister_hash.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -29,7 +29,7 @@ int unregister_hash(const struct ltc_hash_descriptor *hash)
    /* is it already registered? */
    LTC_MUTEX_LOCK(&ltc_hash_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if (memcmp(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor)) == 0) {
+       if (XMEMCMP(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor)) == 0) {
           hash_descriptor[x].name = NULL;
           LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
           return CRYPT_OK;
@@ -40,5 +40,5 @@ int unregister_hash(const struct ltc_hash_descriptor *hash)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_unregister_hash.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/misc/crypt/crypt_unregister_prng.c b/libtomcrypt/src/misc/crypt/crypt_unregister_prng.c
index 4aff6de..694cbcf 100644
--- a/libtomcrypt/src/misc/crypt/crypt_unregister_prng.c
+++ b/libtomcrypt/src/misc/crypt/crypt_unregister_prng.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -29,7 +29,7 @@ int unregister_prng(const struct ltc_prng_descriptor *prng)
    /* is it already registered? */
    LTC_MUTEX_LOCK(&ltc_prng_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
-       if (memcmp(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) != 0) {
+       if (XMEMCMP(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor)) != 0) {
           prng_descriptor[x].name = NULL;
           LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
           return CRYPT_OK;
@@ -40,5 +40,5 @@ int unregister_prng(const struct ltc_prng_descriptor *prng)
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/crypt/crypt_unregister_prng.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 18:00:28 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/misc/error_to_string.c b/libtomcrypt/src/misc/error_to_string.c
index 6167a70..1da2597 100644
--- a/libtomcrypt/src/misc/error_to_string.c
+++ b/libtomcrypt/src/misc/error_to_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 #include "tomcrypt.h"
@@ -70,5 +70,5 @@ const char *error_to_string(int err)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/error_to_string.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/mpi/is_prime.c b/libtomcrypt/src/misc/mpi/is_prime.c
deleted file mode 100644
index 9ee4ed2..0000000
--- a/libtomcrypt/src/misc/mpi/is_prime.c
+++ /dev/null
@@ -1,36 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-/**
-  @file is_prime.c
-  Determines if integer is prime for LTC, Tom St Denis
-*/  
-
-#ifdef MPI
-
-/* figures out if a number is prime (MR test) */
-int is_prime(mp_int *N, int *result)
-{
-   int err;
-   LTC_ARGCHK(N != NULL);
-   LTC_ARGCHK(result != NULL);
-   if ((err = mp_prime_is_prime(N, mp_prime_rabin_miller_trials(mp_count_bits(N)), result)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
-   }
-   return CRYPT_OK;
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/misc/mpi/is_prime.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
diff --git a/libtomcrypt/src/misc/mpi/mpi_to_ltc_error.c b/libtomcrypt/src/misc/mpi/mpi_to_ltc_error.c
deleted file mode 100644
index bc39ea1..0000000
--- a/libtomcrypt/src/misc/mpi/mpi_to_ltc_error.c
+++ /dev/null
@@ -1,48 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-/**
-  @file mpi_to_ltc_error.c
-  Convert MPI errors to LTC, Tom St Denis
-*/  
-
-#ifdef MPI
-static const struct {
-    int mpi_code, ltc_code;
-} mpi_to_ltc_codes[] = {
-   { MP_OKAY ,  CRYPT_OK},
-   { MP_MEM  ,  CRYPT_MEM},
-   { MP_VAL  ,  CRYPT_INVALID_ARG},
-};
-
-/**
-   Convert a MPI error to a LTC error (Possibly the most powerful function ever!  Oh wait... no) 
-   @param err    The error to convert
-   @return The equivalent LTC error code or CRYPT_ERROR if none found
-*/
-int mpi_to_ltc_error(int err)
-{
-   int x;
-
-   for (x = 0; x < (int)(sizeof(mpi_to_ltc_codes)/sizeof(mpi_to_ltc_codes[0])); x++) {
-       if (err == mpi_to_ltc_codes[x].mpi_code) { 
-          return mpi_to_ltc_codes[x].ltc_code;
-       }
-   }
-   return CRYPT_ERROR;
-}
-#endif
-
-
-/* $Source: /cvs/libtom/libtomcrypt/src/misc/mpi/mpi_to_ltc_error.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
diff --git a/libtomcrypt/src/misc/mpi/rand_prime.c b/libtomcrypt/src/misc/mpi/rand_prime.c
deleted file mode 100644
index 9c5921a..0000000
--- a/libtomcrypt/src/misc/mpi/rand_prime.c
+++ /dev/null
@@ -1,70 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-/**
-  @file rand_prime.c
-  Generate a random prime, Tom St Denis
-*/  
-#ifdef MPI
-
-struct rng_data {
-   prng_state *prng;
-   int         wprng;
-};
-
-static int rand_prime_helper(unsigned char *dst, int len, void *dat)
-{
-   return (int)prng_descriptor[((struct rng_data *)dat)->wprng].read(dst, len, ((struct rng_data *)dat)->prng);
-}
-
-int rand_prime(mp_int *N, long len, prng_state *prng, int wprng)
-{
-   struct rng_data rng;
-   int             type, err;
-
-   LTC_ARGCHK(N != NULL);
-
-   /* allow sizes between 2 and 256 bytes for a prime size */
-   if (len < 16 || len > 4096) { 
-      return CRYPT_INVALID_PRIME_SIZE;
-   }
-   
-   /* valid PRNG? Better be! */
-   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-      return err; 
-   }
-
-   /* setup our callback data, then world domination! */
-   rng.prng  = prng;
-   rng.wprng = wprng;
-
-   /* get type */
-   if (len < 0) {
-      type = LTM_PRIME_BBS;
-      len = -len;
-   } else {
-      type = 0;
-   }
-  type |= LTM_PRIME_2MSB_ON;
-
-   /* New prime generation makes the code even more cryptoish-insane.  Do you know what this means!!!
-      -- Gir:  Yeah, oh wait, er, no.
-    */
-   return mpi_to_ltc_error(mp_prime_random_ex(N, mp_prime_rabin_miller_trials(len), len, type, rand_prime_helper, &rng));
-}
-      
-#endif
-
-
-/* $Source: /cvs/libtom/libtomcrypt/src/misc/mpi/rand_prime.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
diff --git a/libtomcrypt/src/misc/pkcs5/pkcs_5_1.c b/libtomcrypt/src/misc/pkcs5/pkcs_5_1.c
index 90411b7..e6f7b0c 100644
--- a/libtomcrypt/src/misc/pkcs5/pkcs_5_1.c
+++ b/libtomcrypt/src/misc/pkcs5/pkcs_5_1.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include <tomcrypt.h>
 
@@ -102,5 +102,5 @@ LBL_ERR:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/pkcs5/pkcs_5_1.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/pkcs5/pkcs_5_2.c b/libtomcrypt/src/misc/pkcs5/pkcs_5_2.c
index 08d8a18..6e8d161 100644
--- a/libtomcrypt/src/misc/pkcs5/pkcs_5_2.c
+++ b/libtomcrypt/src/misc/pkcs5/pkcs_5_2.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include <tomcrypt.h>
 
@@ -125,5 +125,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/pkcs5/pkcs_5_2.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/misc/zeromem.c b/libtomcrypt/src/misc/zeromem.c
index 1ab07dc..42dc3c2 100644
--- a/libtomcrypt/src/misc/zeromem.c
+++ b/libtomcrypt/src/misc/zeromem.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -23,12 +23,12 @@
 void zeromem(void *out, size_t outlen)
 {
    unsigned char *mem = out;
-   LTC_ARGCHK(out != NULL);
+   LTC_ARGCHKVD(out != NULL);
    while (outlen-- > 0) {
       *mem++ = 0;
    }
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/misc/zeromem.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/09 01:38:13 $ */
diff --git a/libtomcrypt/src/modes/cbc/cbc_decrypt.c b/libtomcrypt/src/modes/cbc/cbc_decrypt.c
index fc3fdd5..d768d88 100644
--- a/libtomcrypt/src/modes/cbc/cbc_decrypt.c
+++ b/libtomcrypt/src/modes/cbc/cbc_decrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 
 /**
   CBC decrypt
@@ -45,7 +45,7 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
    }
    
    /* is blocklen valid? */
-   if (cbc->blocklen < 0 || cbc->blocklen > (int)sizeof(cbc->IV)) {
+   if (cbc->blocklen < 1 || cbc->blocklen > (int)sizeof(cbc->IV)) {
       return CRYPT_INVALID_ARG;
    }    
 
@@ -53,32 +53,34 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
       return CRYPT_INVALID_ARG;
    }
 #ifdef LTC_FAST
-   if (len % sizeof(LTC_FAST_TYPE)) {   
+   if (cbc->blocklen % sizeof(LTC_FAST_TYPE)) {   
       return CRYPT_INVALID_ARG;
    }
 #endif
    
    if (cipher_descriptor[cbc->cipher].accel_cbc_decrypt != NULL) {
-      cipher_descriptor[cbc->cipher].accel_cbc_decrypt(ct, pt, len / cbc->blocklen, cbc->IV, &cbc->key);
+      return cipher_descriptor[cbc->cipher].accel_cbc_decrypt(ct, pt, len / cbc->blocklen, cbc->IV, &cbc->key);
    } else {
       while (len) {
          /* decrypt */
-         cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key);
+         if ((err = cipher_descriptor[cbc->cipher].ecb_decrypt(ct, tmp, &cbc->key)) != CRYPT_OK) {
+            return err;
+         }
 
          /* xor IV against plaintext */
          #if defined(LTC_FAST)
-	     for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
-	         tmpy = *((LTC_FAST_TYPE*)((unsigned char *)cbc->IV + x)) ^ *((LTC_FAST_TYPE*)((unsigned char *)tmp + x));
-		 *((LTC_FAST_TYPE*)((unsigned char *)cbc->IV + x)) = *((LTC_FAST_TYPE*)((unsigned char *)ct + x));
-		 *((LTC_FAST_TYPE*)((unsigned char *)pt + x)) = tmpy;
-	     }
-	 #else 
+        for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
+            tmpy = *((LTC_FAST_TYPE*)((unsigned char *)cbc->IV + x)) ^ *((LTC_FAST_TYPE*)((unsigned char *)tmp + x));
+       *((LTC_FAST_TYPE*)((unsigned char *)cbc->IV + x)) = *((LTC_FAST_TYPE*)((unsigned char *)ct + x));
+       *((LTC_FAST_TYPE*)((unsigned char *)pt + x)) = tmpy;
+        }
+    #else 
             for (x = 0; x < cbc->blocklen; x++) {
                tmpy       = tmp[x] ^ cbc->IV[x];
                cbc->IV[x] = ct[x];
                pt[x]      = tmpy;
             }
-	 #endif
+    #endif
        
          ct  += cbc->blocklen;
          pt  += cbc->blocklen;
@@ -91,5 +93,5 @@ int cbc_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_decrypt.c,v $ */
-/* $Revision: 1.9 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.15 $ */
+/* $Date: 2006/11/21 00:18:23 $ */
diff --git a/libtomcrypt/src/modes/cbc/cbc_done.c b/libtomcrypt/src/modes/cbc/cbc_done.c
index afaa9bb..99b035e 100644
--- a/libtomcrypt/src/modes/cbc/cbc_done.c
+++ b/libtomcrypt/src/modes/cbc/cbc_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    CBC implementation, finish chain, Tom St Denis
 */
 
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 
 /** Terminate the chain
   @param cbc    The CBC chain to terminate
@@ -38,5 +38,5 @@ int cbc_done(symmetric_CBC *cbc)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_done.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:46:46 $ */
diff --git a/libtomcrypt/src/modes/cbc/cbc_encrypt.c b/libtomcrypt/src/modes/cbc/cbc_encrypt.c
index a6b41b1..bbfd1c4 100644
--- a/libtomcrypt/src/modes/cbc/cbc_encrypt.c
+++ b/libtomcrypt/src/modes/cbc/cbc_encrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 
 /**
   CBC encrypt
@@ -39,7 +39,7 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
    }
    
    /* is blocklen valid? */
-   if (cbc->blocklen < 0 || cbc->blocklen > (int)sizeof(cbc->IV)) {
+   if (cbc->blocklen < 1 || cbc->blocklen > (int)sizeof(cbc->IV)) {
       return CRYPT_INVALID_ARG;
    }    
 
@@ -47,39 +47,41 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
       return CRYPT_INVALID_ARG;
    }
 #ifdef LTC_FAST
-   if (len % sizeof(LTC_FAST_TYPE)) {   
+   if (cbc->blocklen % sizeof(LTC_FAST_TYPE)) {   
       return CRYPT_INVALID_ARG;
    }
 #endif
 
    if (cipher_descriptor[cbc->cipher].accel_cbc_encrypt != NULL) {
-      cipher_descriptor[cbc->cipher].accel_cbc_encrypt(pt, ct, len / cbc->blocklen, cbc->IV, &cbc->key);
+      return cipher_descriptor[cbc->cipher].accel_cbc_encrypt(pt, ct, len / cbc->blocklen, cbc->IV, &cbc->key);
    } else {
       while (len) {
          /* xor IV against plaintext */
          #if defined(LTC_FAST)
-	     for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
-	         *((LTC_FAST_TYPE*)((unsigned char *)cbc->IV + x)) ^= *((LTC_FAST_TYPE*)((unsigned char *)pt + x));
-	     }
-	 #else 
+        for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
+            *((LTC_FAST_TYPE*)((unsigned char *)cbc->IV + x)) ^= *((LTC_FAST_TYPE*)((unsigned char *)pt + x));
+        }
+    #else 
             for (x = 0; x < cbc->blocklen; x++) {
                cbc->IV[x] ^= pt[x];
             }
-	 #endif
+    #endif
 
          /* encrypt */
-         cipher_descriptor[cbc->cipher].ecb_encrypt(cbc->IV, ct, &cbc->key);
+         if ((err = cipher_descriptor[cbc->cipher].ecb_encrypt(cbc->IV, ct, &cbc->key)) != CRYPT_OK) {
+            return err;
+         }
 
         /* store IV [ciphertext] for a future block */
          #if defined(LTC_FAST)
-	     for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
-	         *((LTC_FAST_TYPE*)((unsigned char *)cbc->IV + x)) = *((LTC_FAST_TYPE*)((unsigned char *)ct + x));
-	     }
-	 #else 
+        for (x = 0; x < cbc->blocklen; x += sizeof(LTC_FAST_TYPE)) {
+            *((LTC_FAST_TYPE*)((unsigned char *)cbc->IV + x)) = *((LTC_FAST_TYPE*)((unsigned char *)ct + x));
+        }
+    #else 
              for (x = 0; x < cbc->blocklen; x++) {
                 cbc->IV[x] = ct[x];
              }
-	 #endif
+    #endif
         
         ct  += cbc->blocklen;
         pt  += cbc->blocklen;
@@ -92,5 +94,5 @@ int cbc_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_encrypt.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.13 $ */
+/* $Date: 2006/11/21 00:18:23 $ */
diff --git a/libtomcrypt/src/modes/cbc/cbc_getiv.c b/libtomcrypt/src/modes/cbc/cbc_getiv.c
index ab418b1..c54d558 100644
--- a/libtomcrypt/src/modes/cbc/cbc_getiv.c
+++ b/libtomcrypt/src/modes/cbc/cbc_getiv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    CBC implementation, get IV, Tom St Denis
 */
 
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 
 /**
    Get the current initial vector
@@ -30,6 +30,7 @@ int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc)
    LTC_ARGCHK(len != NULL);
    LTC_ARGCHK(cbc != NULL);
    if ((unsigned long)cbc->blocklen > *len) {
+      *len = cbc->blocklen;
       return CRYPT_BUFFER_OVERFLOW;
    }
    XMEMCPY(IV, cbc->IV, cbc->blocklen);
@@ -41,5 +42,5 @@ int cbc_getiv(unsigned char *IV, unsigned long *len, symmetric_CBC *cbc)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_getiv.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:46:46 $ */
diff --git a/libtomcrypt/src/modes/cbc/cbc_setiv.c b/libtomcrypt/src/modes/cbc/cbc_setiv.c
index c38e713..6fb70ca 100644
--- a/libtomcrypt/src/modes/cbc/cbc_setiv.c
+++ b/libtomcrypt/src/modes/cbc/cbc_setiv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 
 /**
    Set an initial vector
@@ -40,5 +40,5 @@ int cbc_setiv(const unsigned char *IV, unsigned long len, symmetric_CBC *cbc)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_setiv.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/29 01:46:46 $ */
diff --git a/libtomcrypt/src/modes/cbc/cbc_start.c b/libtomcrypt/src/modes/cbc/cbc_start.c
index 833bb87..86ec7b9 100644
--- a/libtomcrypt/src/modes/cbc/cbc_start.c
+++ b/libtomcrypt/src/modes/cbc/cbc_start.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    CBC implementation, start chain, Tom St Denis
 */
 
-#ifdef CBC
+#ifdef LTC_CBC_MODE
 
 /**
    Initialize a CBC context
@@ -58,5 +58,5 @@ int cbc_start(int cipher, const unsigned char *IV, const unsigned char *key,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cbc/cbc_start.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/29 01:46:46 $ */
diff --git a/libtomcrypt/src/modes/cfb/cfb_decrypt.c b/libtomcrypt/src/modes/cfb/cfb_decrypt.c
index 3d51ba5..76a4de1 100644
--- a/libtomcrypt/src/modes/cfb/cfb_decrypt.c
+++ b/libtomcrypt/src/modes/cfb/cfb_decrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   CFB implementation, decrypt data, Tom St Denis
 */
 
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 
 /**
    CFB decrypt
@@ -45,14 +45,16 @@ int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 
    while (len-- > 0) {
        if (cfb->padlen == cfb->blocklen) {
-          cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key);
+          if ((err = cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key)) != CRYPT_OK) {
+             return err;
+          }
           cfb->padlen = 0;
        }
        cfb->pad[cfb->padlen] = *ct;
        *pt = *ct ^ cfb->IV[cfb->padlen];
        ++pt; 
        ++ct;
-       ++cfb->padlen;
+       ++(cfb->padlen);
    }
    return CRYPT_OK;
 }
@@ -61,5 +63,5 @@ int cfb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_decrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/26 01:45:14 $ */
diff --git a/libtomcrypt/src/modes/cfb/cfb_done.c b/libtomcrypt/src/modes/cfb/cfb_done.c
index 8924761..4ee9d50 100644
--- a/libtomcrypt/src/modes/cfb/cfb_done.c
+++ b/libtomcrypt/src/modes/cfb/cfb_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    CFB implementation, finish chain, Tom St Denis
 */
 
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 
 /** Terminate the chain
   @param cfb    The CFB chain to terminate
@@ -38,5 +38,5 @@ int cfb_done(symmetric_CFB *cfb)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_done.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/cfb/cfb_encrypt.c b/libtomcrypt/src/modes/cfb/cfb_encrypt.c
index cca0116..b619682 100644
--- a/libtomcrypt/src/modes/cfb/cfb_encrypt.c
+++ b/libtomcrypt/src/modes/cfb/cfb_encrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   CFB implementation, encrypt data, Tom St Denis
 */
 
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 
 /**
   CFB encrypt
@@ -45,13 +45,15 @@ int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
 
    while (len-- > 0) {
        if (cfb->padlen == cfb->blocklen) {
-          cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key);
+          if ((err = cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->pad, cfb->IV, &cfb->key)) != CRYPT_OK) {
+             return err;
+          }
           cfb->padlen = 0;
        }
        cfb->pad[cfb->padlen] = (*ct = *pt ^ cfb->IV[cfb->padlen]);
        ++pt; 
        ++ct;
-       ++cfb->padlen;
+       ++(cfb->padlen);
    }
    return CRYPT_OK;
 }
@@ -59,5 +61,5 @@ int cfb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_encrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/26 01:45:14 $ */
diff --git a/libtomcrypt/src/modes/cfb/cfb_getiv.c b/libtomcrypt/src/modes/cfb/cfb_getiv.c
index 5c5b4c4..1689a75 100644
--- a/libtomcrypt/src/modes/cfb/cfb_getiv.c
+++ b/libtomcrypt/src/modes/cfb/cfb_getiv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    CFB implementation, get IV, Tom St Denis
 */
 
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 
 /**
    Get the current initial vector
@@ -30,6 +30,7 @@ int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb)
    LTC_ARGCHK(len != NULL);
    LTC_ARGCHK(cfb != NULL);
    if ((unsigned long)cfb->blocklen > *len) {
+      *len = cfb->blocklen;
       return CRYPT_BUFFER_OVERFLOW;
    }
    XMEMCPY(IV, cfb->IV, cfb->blocklen);
@@ -41,5 +42,5 @@ int cfb_getiv(unsigned char *IV, unsigned long *len, symmetric_CFB *cfb)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_getiv.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/cfb/cfb_setiv.c b/libtomcrypt/src/modes/cfb/cfb_setiv.c
index d075a0d..efb848b 100644
--- a/libtomcrypt/src/modes/cfb/cfb_setiv.c
+++ b/libtomcrypt/src/modes/cfb/cfb_setiv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -14,7 +14,8 @@
   @file cfb_setiv.c
   CFB implementation, set IV, Tom St Denis
 */  
-#ifdef CFB
+
+#ifdef LTC_CFB_MODE
 
 /**
    Set an initial vector
@@ -40,14 +41,12 @@ int cfb_setiv(const unsigned char *IV, unsigned long len, symmetric_CFB *cfb)
       
    /* force next block */
    cfb->padlen = 0;
-   cipher_descriptor[cfb->cipher].ecb_encrypt(IV, cfb->IV, &cfb->key);
-
-   return CRYPT_OK;
+   return cipher_descriptor[cfb->cipher].ecb_encrypt(IV, cfb->IV, &cfb->key);
 }
 
 #endif 
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_setiv.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/cfb/cfb_start.c b/libtomcrypt/src/modes/cfb/cfb_start.c
index 755e173..e70d635 100644
--- a/libtomcrypt/src/modes/cfb/cfb_start.c
+++ b/libtomcrypt/src/modes/cfb/cfb_start.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef CFB
+#ifdef LTC_CFB_MODE
 
 /**
    Initialize a CFB context
@@ -54,14 +54,12 @@ int cfb_start(int cipher, const unsigned char *IV, const unsigned char *key,
    }
 
    /* encrypt the IV */
-   cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->IV, cfb->IV, &cfb->key);
    cfb->padlen = 0;
-
-   return CRYPT_OK;
+   return cipher_descriptor[cfb->cipher].ecb_encrypt(cfb->IV, cfb->IV, &cfb->key);
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/cfb/cfb_start.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/ctr/ctr_decrypt.c b/libtomcrypt/src/modes/ctr/ctr_decrypt.c
index e1d1d51..f32821f 100644
--- a/libtomcrypt/src/modes/ctr/ctr_decrypt.c
+++ b/libtomcrypt/src/modes/ctr/ctr_decrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   CTR implementation, decrypt data, Tom St Denis
 */
 
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 
 /**
    CTR decrypt
@@ -38,5 +38,5 @@ int ctr_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_decrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/29 01:46:46 $ */
diff --git a/libtomcrypt/src/modes/ctr/ctr_done.c b/libtomcrypt/src/modes/ctr/ctr_done.c
index f2e79ba..074c8b6 100644
--- a/libtomcrypt/src/modes/ctr/ctr_done.c
+++ b/libtomcrypt/src/modes/ctr/ctr_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    CTR implementation, finish chain, Tom St Denis
 */
 
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 
 /** Terminate the chain
   @param ctr    The CTR chain to terminate
@@ -38,5 +38,5 @@ int ctr_done(symmetric_CTR *ctr)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_done.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:46:46 $ */
diff --git a/libtomcrypt/src/modes/ctr/ctr_encrypt.c b/libtomcrypt/src/modes/ctr/ctr_encrypt.c
index 79795ae..84dd65b 100644
--- a/libtomcrypt/src/modes/ctr/ctr_encrypt.c
+++ b/libtomcrypt/src/modes/ctr/ctr_encrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 
 /**
   CTR encrypt
@@ -39,7 +39,7 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
    }
    
    /* is blocklen/padlen valid? */
-   if (ctr->blocklen < 0 || ctr->blocklen > (int)sizeof(ctr->ctr) ||
+   if (ctr->blocklen < 1 || ctr->blocklen > (int)sizeof(ctr->ctr) ||
        ctr->padlen   < 0 || ctr->padlen   > (int)sizeof(ctr->pad)) {
       return CRYPT_INVALID_ARG;
    }
@@ -52,7 +52,9 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
    
    /* handle acceleration only if pad is empty, accelerator is present and length is >= a block size */
    if ((ctr->padlen == ctr->blocklen) && cipher_descriptor[ctr->cipher].accel_ctr_encrypt != NULL && (len >= (unsigned long)ctr->blocklen)) {
-      cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key);
+      if ((err = cipher_descriptor[ctr->cipher].accel_ctr_encrypt(pt, ct, len/ctr->blocklen, ctr->ctr, ctr->mode, &ctr->key)) != CRYPT_OK) {
+         return err;
+      }
       len %= ctr->blocklen;
    }
 
@@ -79,7 +81,9 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
          }
 
          /* encrypt it */
-         cipher_descriptor[ctr->cipher].ecb_encrypt(ctr->ctr, ctr->pad, &ctr->key);
+         if ((err = cipher_descriptor[ctr->cipher].ecb_encrypt(ctr->ctr, ctr->pad, &ctr->key)) != CRYPT_OK) {
+            return err;
+         }
          ctr->padlen = 0;
       }
 #ifdef LTC_FAST
@@ -88,15 +92,15 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
             *((LTC_FAST_TYPE*)((unsigned char *)ct + x)) = *((LTC_FAST_TYPE*)((unsigned char *)pt + x)) ^
                                                            *((LTC_FAST_TYPE*)((unsigned char *)ctr->pad + x));
          }
-	    pt         += ctr->blocklen;
-	    ct         += ctr->blocklen;
-	    len        -= ctr->blocklen;
-	    ctr->padlen = ctr->blocklen;
-	    continue;
-	 }
-#endif	 
-    *ct++ = *pt++ ^ ctr->pad[ctr->padlen++];
-	 --len;
+       pt         += ctr->blocklen;
+       ct         += ctr->blocklen;
+       len        -= ctr->blocklen;
+       ctr->padlen = ctr->blocklen;
+       continue;
+      }
+#endif    
+      *ct++ = *pt++ ^ ctr->pad[ctr->padlen++];
+      --len;
    }
    return CRYPT_OK;
 }
@@ -104,5 +108,5 @@ int ctr_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_encrypt.c,v $ */
-/* $Revision: 1.13 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.20 $ */
+/* $Date: 2006/11/21 00:18:23 $ */
diff --git a/libtomcrypt/src/modes/ctr/ctr_getiv.c b/libtomcrypt/src/modes/ctr/ctr_getiv.c
index 50ce6a0..2fbf888 100644
--- a/libtomcrypt/src/modes/ctr/ctr_getiv.c
+++ b/libtomcrypt/src/modes/ctr/ctr_getiv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    CTR implementation, get IV, Tom St Denis
 */
 
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 
 /**
    Get the current initial vector
@@ -30,6 +30,7 @@ int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr)
    LTC_ARGCHK(len != NULL);
    LTC_ARGCHK(ctr != NULL);
    if ((unsigned long)ctr->blocklen > *len) {
+      *len = ctr->blocklen;
       return CRYPT_BUFFER_OVERFLOW;
    }
    XMEMCPY(IV, ctr->ctr, ctr->blocklen);
@@ -41,5 +42,5 @@ int ctr_getiv(unsigned char *IV, unsigned long *len, symmetric_CTR *ctr)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_getiv.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:46:46 $ */
diff --git a/libtomcrypt/src/modes/ctr/ctr_setiv.c b/libtomcrypt/src/modes/ctr/ctr_setiv.c
index 64d4c43..8e8649f 100644
--- a/libtomcrypt/src/modes/ctr/ctr_setiv.c
+++ b/libtomcrypt/src/modes/ctr/ctr_setiv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   CTR implementation, set IV, Tom St Denis
 */
   
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 
 /**
    Set an initial vector
@@ -45,14 +45,12 @@ int ctr_setiv(const unsigned char *IV, unsigned long len, symmetric_CTR *ctr)
    
    /* force next block */
    ctr->padlen = 0;
-   cipher_descriptor[ctr->cipher].ecb_encrypt(IV, ctr->pad, &ctr->key);
-   
-   return CRYPT_OK;
+   return cipher_descriptor[ctr->cipher].ecb_encrypt(IV, ctr->pad, &ctr->key);
 }
 
 #endif 
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_setiv.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:46:46 $ */
diff --git a/libtomcrypt/src/modes/ctr/ctr_start.c b/libtomcrypt/src/modes/ctr/ctr_start.c
index 7c7eebb..895c8a4 100644
--- a/libtomcrypt/src/modes/ctr/ctr_start.c
+++ b/libtomcrypt/src/modes/ctr/ctr_start.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef CTR
+#ifdef LTC_CTR_MODE
 
 /**
    Initialize a CTR context
@@ -55,16 +55,37 @@ int ctr_start(               int   cipher,
    ctr->blocklen = cipher_descriptor[cipher].block_length;
    ctr->cipher   = cipher;
    ctr->padlen   = 0;
-   ctr->mode     = ctr_mode;
+   ctr->mode     = ctr_mode & 1;
    for (x = 0; x < ctr->blocklen; x++) {
        ctr->ctr[x] = IV[x];
    }
-   cipher_descriptor[ctr->cipher].ecb_encrypt(ctr->ctr, ctr->pad, &ctr->key);
-   return CRYPT_OK;
+
+   if (ctr_mode & LTC_CTR_RFC3686) {
+      /* increment the IV as per RFC 3686 */
+      if (ctr->mode == CTR_COUNTER_LITTLE_ENDIAN) {
+         /* little-endian */
+         for (x = 0; x < ctr->blocklen; x++) {
+             ctr->ctr[x] = (ctr->ctr[x] + (unsigned char)1) & (unsigned char)255;
+             if (ctr->ctr[x] != (unsigned char)0) {
+                break;
+             }
+         }
+      } else {
+         /* big-endian */
+         for (x = ctr->blocklen-1; x >= 0; x--) {
+             ctr->ctr[x] = (ctr->ctr[x] + (unsigned char)1) & (unsigned char)255;
+             if (ctr->ctr[x] != (unsigned char)0) {
+                break;
+             }
+         }
+      }
+   }
+
+   return cipher_descriptor[ctr->cipher].ecb_encrypt(ctr->ctr, ctr->pad, &ctr->key); 
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_start.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/11/05 01:46:35 $ */
diff --git a/libtomcrypt/src/modes/ctr/ctr_test.c b/libtomcrypt/src/modes/ctr/ctr_test.c
new file mode 100644
index 0000000..ad20778
--- /dev/null
+++ b/libtomcrypt/src/modes/ctr/ctr_test.c
@@ -0,0 +1,85 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ctr_test.c
+  CTR implementation, Tests again RFC 3686, Tom St Denis
+*/
+
+#ifdef LTC_CTR_MODE
+
+int ctr_test(void)
+{
+#ifdef LTC_NO_TEST
+   return CRYPT_NOP;
+#else
+   static const struct {
+      int keylen, msglen;
+      unsigned char key[32], IV[16], pt[64], ct[64];
+   } tests[] = {
+/* 128-bit key, 16-byte pt */
+{
+   16, 16,
+   {0xAE,0x68,0x52,0xF8,0x12,0x10,0x67,0xCC,0x4B,0xF7,0xA5,0x76,0x55,0x77,0xF3,0x9E },
+   {0x00,0x00,0x00,0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 },
+   {0x53,0x69,0x6E,0x67,0x6C,0x65,0x20,0x62,0x6C,0x6F,0x63,0x6B,0x20,0x6D,0x73,0x67 },
+   {0xE4,0x09,0x5D,0x4F,0xB7,0xA7,0xB3,0x79,0x2D,0x61,0x75,0xA3,0x26,0x13,0x11,0xB8 },
+},
+
+/* 128-bit key, 36-byte pt */
+{
+   16, 36,
+   {0x76,0x91,0xBE,0x03,0x5E,0x50,0x20,0xA8,0xAC,0x6E,0x61,0x85,0x29,0xF9,0xA0,0xDC },
+   {0x00,0xE0,0x01,0x7B,0x27,0x77,0x7F,0x3F,0x4A,0x17,0x86,0xF0,0x00,0x00,0x00,0x00 },
+   {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F,
+    0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,
+    0x20,0x21,0x22,0x23},
+   {0xC1,0xCF,0x48,0xA8,0x9F,0x2F,0xFD,0xD9,0xCF,0x46,0x52,0xE9,0xEF,0xDB,0x72,0xD7,
+    0x45,0x40,0xA4,0x2B,0xDE,0x6D,0x78,0x36,0xD5,0x9A,0x5C,0xEA,0xAE,0xF3,0x10,0x53,
+    0x25,0xB2,0x07,0x2F },
+},
+};
+  int idx, err, x;
+  unsigned char buf[64];
+  symmetric_CTR ctr;
+
+  /* AES can be under rijndael or aes... try to find it */ 
+  if ((idx = find_cipher("aes")) == -1) {
+     if ((idx = find_cipher("rijndael")) == -1) {
+        return CRYPT_NOP;
+     }
+  }
+
+  for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+     if ((err = ctr_start(idx, tests[x].IV, tests[x].key, tests[x].keylen, 0, CTR_COUNTER_BIG_ENDIAN|LTC_CTR_RFC3686, &ctr)) != CRYPT_OK) {
+        return err;
+     }
+     if ((err = ctr_encrypt(tests[x].pt, buf, tests[x].msglen, &ctr)) != CRYPT_OK) {
+        return err;
+     }
+     ctr_done(&ctr);
+     if (XMEMCMP(buf, tests[x].ct, tests[x].msglen)) {
+        return CRYPT_FAIL_TESTVECTOR;
+     }
+  }
+  return CRYPT_OK;
+#endif
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/ctr/ctr_test.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/11/05 02:06:49 $ */
+
+
+
diff --git a/libtomcrypt/src/modes/ecb/ecb_decrypt.c b/libtomcrypt/src/modes/ecb/ecb_decrypt.c
index aa83661..c16fce0 100644
--- a/libtomcrypt/src/modes/ecb/ecb_decrypt.c
+++ b/libtomcrypt/src/modes/ecb/ecb_decrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   ECB implementation, decrypt a block, Tom St Denis
 */
 
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 
 /**
   ECB decrypt
@@ -40,10 +40,12 @@ int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 
    /* check for accel */
    if (cipher_descriptor[ecb->cipher].accel_ecb_decrypt != NULL) {
-      cipher_descriptor[ecb->cipher].accel_ecb_decrypt(ct, pt, len / cipher_descriptor[ecb->cipher].block_length, &ecb->key);
+      return cipher_descriptor[ecb->cipher].accel_ecb_decrypt(ct, pt, len / cipher_descriptor[ecb->cipher].block_length, &ecb->key);
    } else {
       while (len) {
-         cipher_descriptor[ecb->cipher].ecb_decrypt(ct, pt, &ecb->key);
+         if ((err = cipher_descriptor[ecb->cipher].ecb_decrypt(ct, pt, &ecb->key)) != CRYPT_OK) {
+            return err;
+         }
          pt  += cipher_descriptor[ecb->cipher].block_length;
          ct  += cipher_descriptor[ecb->cipher].block_length;
          len -= cipher_descriptor[ecb->cipher].block_length;
@@ -55,5 +57,5 @@ int ecb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ecb/ecb_decrypt.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/ecb/ecb_done.c b/libtomcrypt/src/modes/ecb/ecb_done.c
index a072615..2af3a83 100644
--- a/libtomcrypt/src/modes/ecb/ecb_done.c
+++ b/libtomcrypt/src/modes/ecb/ecb_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    ECB implementation, finish chain, Tom St Denis
 */
 
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 
 /** Terminate the chain
   @param ecb    The ECB chain to terminate
@@ -38,5 +38,5 @@ int ecb_done(symmetric_ECB *ecb)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ecb/ecb_done.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/ecb/ecb_encrypt.c b/libtomcrypt/src/modes/ecb/ecb_encrypt.c
index 21e0385..f6910c6 100644
--- a/libtomcrypt/src/modes/ecb/ecb_encrypt.c
+++ b/libtomcrypt/src/modes/ecb/ecb_encrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   ECB implementation, encrypt a block, Tom St Denis
 */
 
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 
 /**
   ECB encrypt
@@ -40,10 +40,12 @@ int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
 
    /* check for accel */
    if (cipher_descriptor[ecb->cipher].accel_ecb_encrypt != NULL) {
-      cipher_descriptor[ecb->cipher].accel_ecb_encrypt(pt, ct, len / cipher_descriptor[ecb->cipher].block_length, &ecb->key);
+      return cipher_descriptor[ecb->cipher].accel_ecb_encrypt(pt, ct, len / cipher_descriptor[ecb->cipher].block_length, &ecb->key);
    } else {
       while (len) {
-         cipher_descriptor[ecb->cipher].ecb_encrypt(pt, ct, &ecb->key);
+         if ((err = cipher_descriptor[ecb->cipher].ecb_encrypt(pt, ct, &ecb->key)) != CRYPT_OK) {
+            return err;
+         }
          pt  += cipher_descriptor[ecb->cipher].block_length;
          ct  += cipher_descriptor[ecb->cipher].block_length;
          len -= cipher_descriptor[ecb->cipher].block_length;
@@ -55,5 +57,5 @@ int ecb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ecb/ecb_encrypt.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/ecb/ecb_start.c b/libtomcrypt/src/modes/ecb/ecb_start.c
index f7baa81..cc84579 100644
--- a/libtomcrypt/src/modes/ecb/ecb_start.c
+++ b/libtomcrypt/src/modes/ecb/ecb_start.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef ECB
+#ifdef LTC_ECB_MODE
 
 /**
    Initialize a ECB context
@@ -44,5 +44,5 @@ int ecb_start(int cipher, const unsigned char *key, int keylen, int num_rounds,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ecb/ecb_start.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/f8/f8_decrypt.c b/libtomcrypt/src/modes/f8/f8_decrypt.c
new file mode 100644
index 0000000..fc8f61a
--- /dev/null
+++ b/libtomcrypt/src/modes/f8/f8_decrypt.c
@@ -0,0 +1,43 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file f8_decrypt.c
+  F8 implementation, decrypt data, Tom St Denis
+*/
+
+#ifdef LTC_F8_MODE
+
+/**
+   F8 decrypt
+   @param ct      Ciphertext
+   @param pt      [out] Plaintext
+   @param len     Length of ciphertext (octets)
+   @param f8      F8 state
+   @return CRYPT_OK if successful
+*/
+int f8_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_F8 *f8)
+{
+   LTC_ARGCHK(pt != NULL);
+   LTC_ARGCHK(ct != NULL);
+   LTC_ARGCHK(f8 != NULL);
+   return f8_encrypt(ct, pt, len, f8);
+}
+
+
+#endif
+
+ 
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/f8/f8_decrypt.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/06/16 22:49:25 $ */
diff --git a/libtomcrypt/src/modes/f8/f8_done.c b/libtomcrypt/src/modes/f8/f8_done.c
new file mode 100644
index 0000000..c864767
--- /dev/null
+++ b/libtomcrypt/src/modes/f8/f8_done.c
@@ -0,0 +1,42 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file f8_done.c
+   F8 implementation, finish chain, Tom St Denis
+*/
+
+#ifdef LTC_F8_MODE
+
+/** Terminate the chain
+  @param f8    The F8 chain to terminate
+  @return CRYPT_OK on success
+*/
+int f8_done(symmetric_F8 *f8)
+{
+   int err;
+   LTC_ARGCHK(f8 != NULL);
+
+   if ((err = cipher_is_valid(f8->cipher)) != CRYPT_OK) {
+      return err;
+   }
+   cipher_descriptor[f8->cipher].done(&f8->key);
+   return CRYPT_OK;
+}
+
+   
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/f8/f8_done.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/06/16 22:49:25 $ */
diff --git a/libtomcrypt/src/modes/f8/f8_encrypt.c b/libtomcrypt/src/modes/f8/f8_encrypt.c
new file mode 100644
index 0000000..fc33be9
--- /dev/null
+++ b/libtomcrypt/src/modes/f8/f8_encrypt.c
@@ -0,0 +1,103 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file f8_encrypt.c
+  F8 implementation, encrypt data, Tom St Denis
+*/
+
+#ifdef LTC_F8_MODE
+
+/**
+  F8 encrypt
+  @param pt     Plaintext
+  @param ct     [out] Ciphertext
+  @param len    Length of plaintext (octets)
+  @param f8     F8 state
+  @return CRYPT_OK if successful
+*/
+int f8_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_F8 *f8)
+{
+   int           err, x;
+   unsigned char buf[MAXBLOCKSIZE];
+   LTC_ARGCHK(pt != NULL);
+   LTC_ARGCHK(ct != NULL);
+   LTC_ARGCHK(f8 != NULL);
+   if ((err = cipher_is_valid(f8->cipher)) != CRYPT_OK) {
+       return err;
+   }
+   
+   /* is blocklen/padlen valid? */
+   if (f8->blocklen < 0 || f8->blocklen > (int)sizeof(f8->IV) ||
+       f8->padlen   < 0 || f8->padlen   > (int)sizeof(f8->IV)) {
+      return CRYPT_INVALID_ARG;
+   }
+   
+   zeromem(buf, sizeof(buf));
+
+   /* make sure the pad is empty */
+   if (f8->padlen == f8->blocklen) {
+      /* xor of IV, MIV and blockcnt == what goes into cipher */
+      STORE32H(f8->blockcnt, (buf+(f8->blocklen-4)));
+      ++(f8->blockcnt);
+      for (x = 0; x < f8->blocklen; x++) {
+          f8->IV[x] ^= f8->MIV[x] ^ buf[x];
+      }
+      if ((err = cipher_descriptor[f8->cipher].ecb_encrypt(f8->IV, f8->IV, &f8->key)) != CRYPT_OK) {
+         return err;
+      }
+      f8->padlen = 0;
+   }
+
+#ifdef LTC_FAST
+   if (f8->padlen == 0) {
+      while (len >= (unsigned long)f8->blocklen) {
+         STORE32H(f8->blockcnt, (buf+(f8->blocklen-4)));
+         ++(f8->blockcnt);
+         for (x = 0; x < f8->blocklen; x += sizeof(LTC_FAST_TYPE)) {
+             *((LTC_FAST_TYPE*)(&ct[x])) = *((LTC_FAST_TYPE*)(&pt[x])) ^ *((LTC_FAST_TYPE*)(&f8->IV[x]));
+             *((LTC_FAST_TYPE*)(&f8->IV[x])) ^= *((LTC_FAST_TYPE*)(&f8->MIV[x])) ^ *((LTC_FAST_TYPE*)(&buf[x]));
+         }
+         if ((err = cipher_descriptor[f8->cipher].ecb_encrypt(f8->IV, f8->IV, &f8->key)) != CRYPT_OK) {
+            return err;
+         }
+         len -= x;
+         pt  += x;
+         ct  += x;
+      }
+   }
+#endif             
+
+   while (len > 0) {
+       if (f8->padlen == f8->blocklen) {
+          /* xor of IV, MIV and blockcnt == what goes into cipher */
+          STORE32H(f8->blockcnt, (buf+(f8->blocklen-4)));
+          ++(f8->blockcnt);
+          for (x = 0; x < f8->blocklen; x++) {
+              f8->IV[x] ^= f8->MIV[x] ^ buf[x];
+          }
+          if ((err = cipher_descriptor[f8->cipher].ecb_encrypt(f8->IV, f8->IV, &f8->key)) != CRYPT_OK) {
+             return err;
+          }
+          f8->padlen = 0;
+       }
+       *ct++ = *pt++ ^ f8->IV[f8->padlen++];
+       --len;
+   }
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/f8/f8_encrypt.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/11/05 04:16:32 $ */
diff --git a/libtomcrypt/src/modes/f8/f8_getiv.c b/libtomcrypt/src/modes/f8/f8_getiv.c
new file mode 100644
index 0000000..2c5d92f
--- /dev/null
+++ b/libtomcrypt/src/modes/f8/f8_getiv.c
@@ -0,0 +1,46 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file ofb_getiv.c
+   F8 implementation, get IV, Tom St Denis
+*/
+
+#ifdef LTC_F8_MODE
+
+/**
+   Get the current initial vector
+   @param IV   [out] The destination of the initial vector
+   @param len  [in/out]  The max size and resulting size of the initial vector
+   @param f8   The F8 state
+   @return CRYPT_OK if successful
+*/
+int f8_getiv(unsigned char *IV, unsigned long *len, symmetric_F8 *f8)
+{
+   LTC_ARGCHK(IV  != NULL);
+   LTC_ARGCHK(len != NULL);
+   LTC_ARGCHK(f8  != NULL);
+   if ((unsigned long)f8->blocklen > *len) {
+      *len = f8->blocklen;
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+   XMEMCPY(IV, f8->IV, f8->blocklen);
+   *len = f8->blocklen;
+
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/f8/f8_getiv.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/06/16 22:49:25 $ */
diff --git a/libtomcrypt/src/modes/f8/f8_setiv.c b/libtomcrypt/src/modes/f8/f8_setiv.c
new file mode 100644
index 0000000..469cc15
--- /dev/null
+++ b/libtomcrypt/src/modes/f8/f8_setiv.c
@@ -0,0 +1,52 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file f8_setiv.c
+   F8 implementation, set IV, Tom St Denis
+*/
+
+#ifdef LTC_F8_MODE
+
+/**
+   Set an initial vector
+   @param IV   The initial vector
+   @param len  The length of the vector (in octets)
+   @param f8   The F8 state
+   @return CRYPT_OK if successful
+*/
+int f8_setiv(const unsigned char *IV, unsigned long len, symmetric_F8 *f8)
+{
+   int err;
+
+   LTC_ARGCHK(IV != NULL);
+   LTC_ARGCHK(f8 != NULL);
+
+   if ((err = cipher_is_valid(f8->cipher)) != CRYPT_OK) {
+       return err;
+   }
+
+   if (len != (unsigned long)f8->blocklen) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* force next block */
+   f8->padlen = 0;
+   return cipher_descriptor[f8->cipher].ecb_encrypt(IV, f8->IV, &f8->key);
+}
+
+#endif 
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/f8/f8_setiv.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/06/16 22:49:25 $ */
diff --git a/libtomcrypt/src/modes/f8/f8_start.c b/libtomcrypt/src/modes/f8/f8_start.c
new file mode 100644
index 0000000..bb05c16
--- /dev/null
+++ b/libtomcrypt/src/modes/f8/f8_start.c
@@ -0,0 +1,98 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file f8_start.c
+   F8 implementation, start chain, Tom St Denis
+*/
+
+
+#ifdef LTC_F8_MODE
+
+/**
+   Initialize an F8 context
+   @param cipher      The index of the cipher desired
+   @param IV          The initial vector
+   @param key         The secret key 
+   @param keylen      The length of the secret key (octets)
+   @param salt_key    The salting key for the IV
+   @param skeylen     The length of the salting key (octets)
+   @param num_rounds  Number of rounds in the cipher desired (0 for default)
+   @param f8          The F8 state to initialize
+   @return CRYPT_OK if successful
+*/
+int f8_start(                int  cipher, const unsigned char *IV, 
+             const unsigned char *key,                    int  keylen, 
+             const unsigned char *salt_key,               int  skeylen,
+                             int  num_rounds,   symmetric_F8  *f8)
+{
+   int           x, err;
+   unsigned char tkey[MAXBLOCKSIZE];
+
+   LTC_ARGCHK(IV       != NULL);
+   LTC_ARGCHK(key      != NULL);
+   LTC_ARGCHK(salt_key != NULL);
+   LTC_ARGCHK(f8       != NULL);
+
+   if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+#ifdef LTC_FAST
+   if (cipher_descriptor[cipher].block_length % sizeof(LTC_FAST_TYPE)) {
+      return CRYPT_INVALID_ARG;
+   }
+#endif
+
+   /* copy details */
+   f8->blockcnt = 0;
+   f8->cipher   = cipher;
+   f8->blocklen = cipher_descriptor[cipher].block_length;
+   f8->padlen   = f8->blocklen;
+   
+   /* now get key ^ salt_key [extend salt_ket with 0x55 as required to match length] */
+   zeromem(tkey, sizeof(tkey));
+   for (x = 0; x < keylen && x < (int)sizeof(tkey); x++) {
+       tkey[x] = key[x];
+   }
+   for (x = 0; x < skeylen && x < (int)sizeof(tkey); x++) {
+       tkey[x] ^= salt_key[x];
+   }       
+   for (; x < keylen && x < (int)sizeof(tkey); x++) {
+       tkey[x] ^= 0x55;
+   }
+   
+   /* now encrypt with tkey[0..keylen-1] the IV and use that as the IV */
+   if ((err = cipher_descriptor[cipher].setup(tkey, keylen, num_rounds, &f8->key)) != CRYPT_OK) {
+      return err;
+   }
+   
+   /* encrypt IV */
+   if ((err = cipher_descriptor[f8->cipher].ecb_encrypt(IV, f8->MIV, &f8->key)) != CRYPT_OK) {
+      cipher_descriptor[f8->cipher].done(&f8->key);
+      return err;
+   }
+   zeromem(tkey, sizeof(tkey));
+   zeromem(f8->IV, sizeof(f8->IV));
+   
+   /* terminate this cipher */
+   cipher_descriptor[f8->cipher].done(&f8->key);
+   
+   /* init the cipher */
+   return cipher_descriptor[cipher].setup(key, keylen, num_rounds, &f8->key);
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/f8/f8_start.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/05 01:36:43 $ */
diff --git a/libtomcrypt/src/modes/f8/f8_test_mode.c b/libtomcrypt/src/modes/f8/f8_test_mode.c
new file mode 100644
index 0000000..68160ea
--- /dev/null
+++ b/libtomcrypt/src/modes/f8/f8_test_mode.c
@@ -0,0 +1,76 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file f8_test_mode.c
+   F8 implementation, test, Tom St Denis
+*/
+
+
+#ifdef LTC_F8_MODE
+
+int f8_test_mode(void)
+{
+#ifndef LTC_TEST
+   return CRYPT_NOP;
+#else
+   static const unsigned char key[16] = { 0x23, 0x48, 0x29, 0x00, 0x84, 0x67, 0xbe, 0x18, 
+                                          0x6c, 0x3d, 0xe1, 0x4a, 0xae, 0x72, 0xd6, 0x2c };
+   static const unsigned char salt[4] = { 0x32, 0xf2, 0x87, 0x0d };
+   static const unsigned char IV[16]  = { 0x00, 0x6e, 0x5c, 0xba, 0x50, 0x68, 0x1d, 0xe5, 
+                                          0x5c, 0x62, 0x15, 0x99, 0xd4, 0x62, 0x56, 0x4a };
+   static const unsigned char pt[39]  = { 0x70, 0x73, 0x65, 0x75, 0x64, 0x6f, 0x72, 0x61, 
+                                          0x6e, 0x64, 0x6f, 0x6d, 0x6e, 0x65, 0x73, 0x73,
+                                          0x20, 0x69, 0x73, 0x20, 0x74, 0x68, 0x65, 0x20, 
+                                          0x6e, 0x65, 0x78, 0x74, 0x20, 0x62, 0x65, 0x73,
+                                          0x74, 0x20, 0x74, 0x68, 0x69, 0x6e, 0x67       };
+   static const unsigned char ct[39]  = { 0x01, 0x9c, 0xe7, 0xa2, 0x6e, 0x78, 0x54, 0x01, 
+                                          0x4a, 0x63, 0x66, 0xaa, 0x95, 0xd4, 0xee, 0xfd,
+                                          0x1a, 0xd4, 0x17, 0x2a, 0x14, 0xf9, 0xfa, 0xf4, 
+                                          0x55, 0xb7, 0xf1, 0xd4, 0xb6, 0x2b, 0xd0, 0x8f,
+                                          0x56, 0x2c, 0x0e, 0xef, 0x7c, 0x48, 0x02       };
+   unsigned char buf[39];
+   symmetric_F8  f8;
+   int           err, idx;
+   
+   idx = find_cipher("aes");
+   if (idx == -1) {
+      idx = find_cipher("rijndael");
+      if (idx == -1) return CRYPT_NOP;
+   }      
+   
+   /* initialize the context */
+   if ((err = f8_start(idx, IV, key, sizeof(key), salt, sizeof(salt), 0, &f8)) != CRYPT_OK) {
+      return err;
+   }
+   
+   /* encrypt block */
+   if ((err = f8_encrypt(pt, buf, sizeof(pt), &f8)) != CRYPT_OK) {
+      f8_done(&f8);
+      return err;
+   }
+   f8_done(&f8);
+
+   /* compare */
+   if (XMEMCMP(buf, ct, sizeof(ct))) {
+      return CRYPT_FAIL_TESTVECTOR;
+   }      
+   
+   return CRYPT_OK;
+#endif   
+}   
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/f8/f8_test_mode.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/11/13 11:55:25 $ */
diff --git a/libtomcrypt/src/modes/lrw/lrw_decrypt.c b/libtomcrypt/src/modes/lrw/lrw_decrypt.c
new file mode 100644
index 0000000..24eece8
--- /dev/null
+++ b/libtomcrypt/src/modes/lrw/lrw_decrypt.c
@@ -0,0 +1,51 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file lrw_decrypt.c
+   LRW_MODE implementation, Decrypt blocks, Tom St Denis
+*/
+
+#ifdef LTC_LRW_MODE
+
+/**
+  LRW decrypt blocks
+  @param ct     The ciphertext
+  @param pt     [out] The plaintext
+  @param len    The length in octets, must be a multiple of 16
+  @param lrw    The LRW state
+*/
+int lrw_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, symmetric_LRW *lrw)
+{
+   int err;
+
+   LTC_ARGCHK(pt  != NULL);
+   LTC_ARGCHK(ct  != NULL);
+   LTC_ARGCHK(lrw != NULL);
+
+   if ((err = cipher_is_valid(lrw->cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (cipher_descriptor[lrw->cipher].accel_lrw_decrypt != NULL) {
+      return cipher_descriptor[lrw->cipher].accel_lrw_decrypt(ct, pt, len, lrw->IV, lrw->tweak, &lrw->key);
+   }
+
+   return lrw_process(ct, pt, len, LRW_DECRYPT, lrw);
+}
+
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/lrw/lrw_decrypt.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/06/29 01:53:13 $ */
diff --git a/libtomcrypt/src/modes/lrw/lrw_done.c b/libtomcrypt/src/modes/lrw/lrw_done.c
new file mode 100644
index 0000000..4ae75c3
--- /dev/null
+++ b/libtomcrypt/src/modes/lrw/lrw_done.c
@@ -0,0 +1,42 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file lrw_done.c
+   LRW_MODE implementation, Free resources, Tom St Denis
+*/
+
+#ifdef LTC_LRW_MODE
+
+/**
+  Terminate a LRW state
+  @param lrw   The state to terminate
+  @return CRYPT_OK if successful
+*/
+int lrw_done(symmetric_LRW *lrw) 
+{
+   int err;
+
+   LTC_ARGCHK(lrw != NULL);
+ 
+   if ((err = cipher_is_valid(lrw->cipher)) != CRYPT_OK) {
+      return err;
+   }
+   cipher_descriptor[lrw->cipher].done(&lrw->key);
+
+   return CRYPT_OK;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/lrw/lrw_done.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:53:13 $ */
diff --git a/libtomcrypt/src/modes/lrw/lrw_encrypt.c b/libtomcrypt/src/modes/lrw/lrw_encrypt.c
new file mode 100644
index 0000000..5ed11c9
--- /dev/null
+++ b/libtomcrypt/src/modes/lrw/lrw_encrypt.c
@@ -0,0 +1,50 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file lrw_encrypt.c
+   LRW_MODE implementation, Encrypt blocks, Tom St Denis
+*/
+
+#ifdef LTC_LRW_MODE
+ 
+/**
+  LRW encrypt blocks
+  @param pt     The plaintext
+  @param ct     [out] The ciphertext
+  @param len    The length in octets, must be a multiple of 16
+  @param lrw    The LRW state
+*/
+int lrw_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, symmetric_LRW *lrw)
+{
+   int err;
+
+   LTC_ARGCHK(pt  != NULL);
+   LTC_ARGCHK(ct  != NULL);
+   LTC_ARGCHK(lrw != NULL);
+
+   if ((err = cipher_is_valid(lrw->cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (cipher_descriptor[lrw->cipher].accel_lrw_encrypt != NULL) {
+      return cipher_descriptor[lrw->cipher].accel_lrw_encrypt(pt, ct, len, lrw->IV, lrw->tweak, &lrw->key);
+   }
+
+   return lrw_process(pt, ct, len, LRW_ENCRYPT, lrw);
+}
+
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/lrw/lrw_encrypt.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/06/29 01:53:13 $ */
diff --git a/libtomcrypt/src/modes/lrw/lrw_getiv.c b/libtomcrypt/src/modes/lrw/lrw_getiv.c
new file mode 100644
index 0000000..00159ce
--- /dev/null
+++ b/libtomcrypt/src/modes/lrw/lrw_getiv.c
@@ -0,0 +1,45 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file lrw_getiv.c
+   LRW_MODE implementation, Retrieve the current IV, Tom St Denis
+*/
+
+#ifdef LTC_LRW_MODE
+
+/**
+  Get the IV for LRW
+  @param IV      [out] The IV, must be 16 octets
+  @param len     Length ... must be at least 16 :-)
+  @param lrw     The LRW state to read
+  @return CRYPT_OK if successful
+*/
+int lrw_getiv(unsigned char *IV, unsigned long *len, symmetric_LRW *lrw)
+{
+   LTC_ARGCHK(IV != NULL);
+   LTC_ARGCHK(len != NULL);
+   LTC_ARGCHK(lrw != NULL);
+   if (*len < 16) {
+       *len = 16;
+       return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   XMEMCPY(IV, lrw->IV, 16);
+   *len = 16;
+   return CRYPT_OK;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/lrw/lrw_getiv.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/06/29 01:53:13 $ */
diff --git a/libtomcrypt/src/modes/lrw/lrw_process.c b/libtomcrypt/src/modes/lrw/lrw_process.c
new file mode 100644
index 0000000..451d4ce
--- /dev/null
+++ b/libtomcrypt/src/modes/lrw/lrw_process.c
@@ -0,0 +1,120 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file lrw_process.c
+   LRW_MODE implementation, Encrypt/decrypt blocks, Tom St Denis
+*/
+
+#ifdef LTC_LRW_MODE
+
+/**
+  Process blocks with LRW, since decrypt/encrypt are largely the same they share this code.
+  @param pt        The "input" data
+  @param ct        [out] The "output" data
+  @param len       The length of the input, must be a multiple of 128-bits (16 octets)
+  @param mode      LRW_ENCRYPT or LRW_DECRYPT
+  @param lrw       The LRW state
+  @return  CRYPT_OK if successful
+*/
+int lrw_process(const unsigned char *pt, unsigned char *ct, unsigned long len, int mode, symmetric_LRW *lrw)
+{
+   unsigned char prod[16];
+   int           x, err;
+#ifdef LRW_TABLES
+   int           y;
+#endif
+
+   LTC_ARGCHK(pt  != NULL);
+   LTC_ARGCHK(ct  != NULL);
+   LTC_ARGCHK(lrw != NULL);
+
+   if (len & 15) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   while (len) {
+      /* copy pad */
+      XMEMCPY(prod, lrw->pad, 16);
+
+      /* increment IV */
+      for (x = 15; x >= 0; x--) {
+          lrw->IV[x] = (lrw->IV[x] + 1) & 255;
+          if (lrw->IV[x]) { 
+              break;
+          }
+      }
+
+      /* update pad */
+#ifdef LRW_TABLES
+      /* for each byte changed we undo it's affect on the pad then add the new product */
+      for (; x < 16; x++) {
+#ifdef LTC_FAST
+          for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
+              *((LTC_FAST_TYPE *)(lrw->pad + y)) ^= *((LTC_FAST_TYPE *)(&lrw->PC[x][lrw->IV[x]][y])) ^ *((LTC_FAST_TYPE *)(&lrw->PC[x][(lrw->IV[x]-1)&255][y]));
+          }
+#else
+          for (y = 0; y < 16; y++) {
+              lrw->pad[y] ^= lrw->PC[x][lrw->IV[x]][y] ^ lrw->PC[x][(lrw->IV[x]-1)&255][y];
+          }
+#endif
+      }
+#else
+      gcm_gf_mult(lrw->tweak, lrw->IV, lrw->pad);
+#endif
+
+      /* xor prod */
+#ifdef LTC_FAST
+      for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) {
+           *((LTC_FAST_TYPE *)(ct + x)) = *((LTC_FAST_TYPE *)(pt + x)) ^ *((LTC_FAST_TYPE *)(prod + x));
+      }
+#else
+      for (x = 0; x < 16; x++) {
+         ct[x] = pt[x] ^ prod[x];
+      }
+#endif
+
+      /* send through cipher */
+      if (mode == LRW_ENCRYPT) {
+         if ((err = cipher_descriptor[lrw->cipher].ecb_encrypt(ct, ct, &lrw->key)) != CRYPT_OK) {
+            return err;
+         }
+      } else {
+         if ((err = cipher_descriptor[lrw->cipher].ecb_decrypt(ct, ct, &lrw->key)) != CRYPT_OK) {
+            return err;
+         }
+      }               
+
+      /* xor prod */
+#ifdef LTC_FAST
+      for (x = 0; x < 16; x += sizeof(LTC_FAST_TYPE)) {
+           *((LTC_FAST_TYPE *)(ct + x)) = *((LTC_FAST_TYPE *)(ct + x)) ^ *((LTC_FAST_TYPE *)(prod + x));
+      }
+#else
+      for (x = 0; x < 16; x++) {
+         ct[x] = ct[x] ^ prod[x];
+      }
+#endif
+   
+      /* move to next */
+      pt  += 16;
+      ct  += 16;
+      len -= 16;
+   }
+
+   return CRYPT_OK;
+}
+      
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/lrw/lrw_process.c,v $ */
+/* $Revision: 1.10 $ */
+/* $Date: 2006/06/29 01:53:13 $ */
diff --git a/libtomcrypt/src/modes/lrw/lrw_setiv.c b/libtomcrypt/src/modes/lrw/lrw_setiv.c
new file mode 100644
index 0000000..bb3c0aa
--- /dev/null
+++ b/libtomcrypt/src/modes/lrw/lrw_setiv.c
@@ -0,0 +1,79 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file lrw_setiv.c
+   LRW_MODE implementation, Set the current IV, Tom St Denis
+*/
+
+#ifdef LTC_LRW_MODE
+
+/**
+  Set the IV for LRW
+  @param IV      The IV, must be 16 octets
+  @param len     Length ... must be 16 :-)
+  @param lrw     The LRW state to update
+  @return CRYPT_OK if successful
+*/
+int lrw_setiv(const unsigned char *IV, unsigned long len, symmetric_LRW *lrw)
+{
+   int           err;
+#ifdef LRW_TABLES
+   unsigned char T[16];
+   int           x, y;
+#endif
+   LTC_ARGCHK(IV != NULL);
+   LTC_ARGCHK(lrw != NULL);
+
+   if (len != 16) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   if ((err = cipher_is_valid(lrw->cipher)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* copy the IV */
+   XMEMCPY(lrw->IV, IV, 16);
+
+   /* check if we have to actually do work */
+   if (cipher_descriptor[lrw->cipher].accel_lrw_encrypt != NULL && cipher_descriptor[lrw->cipher].accel_lrw_decrypt != NULL) {
+       /* we have accelerators, let's bail since they don't use lrw->pad anyways */
+       return CRYPT_OK;
+   }
+
+#ifdef LRW_TABLES
+   XMEMCPY(T, &lrw->PC[0][IV[0]][0], 16);
+   for (x = 1; x < 16; x++) {
+#ifdef LTC_FAST
+       for (y = 0; y < 16; y += sizeof(LTC_FAST_TYPE)) {
+           *((LTC_FAST_TYPE *)(T + y)) ^= *((LTC_FAST_TYPE *)(&lrw->PC[x][IV[x]][y]));
+       }
+#else
+       for (y = 0; y < 16; y++) {
+           T[y] ^= lrw->PC[x][IV[x]][y];
+       }
+#endif
+   }
+   XMEMCPY(lrw->pad, T, 16);
+#else     
+   gcm_gf_mult(lrw->tweak, IV, lrw->pad); 
+#endif
+
+   return CRYPT_OK;
+}
+
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/lrw/lrw_setiv.c,v $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/06/29 01:53:13 $ */
diff --git a/libtomcrypt/src/modes/lrw/lrw_start.c b/libtomcrypt/src/modes/lrw/lrw_start.c
new file mode 100644
index 0000000..a9f24b5
--- /dev/null
+++ b/libtomcrypt/src/modes/lrw/lrw_start.c
@@ -0,0 +1,103 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file lrw_start.c
+   LRW_MODE implementation, start mode, Tom St Denis
+*/
+
+#ifdef LTC_LRW_MODE
+
+/**
+  Initialize the LRW context
+  @param cipher        The cipher desired, must be a 128-bit block cipher 
+  @param IV            The index value, must be 128-bits
+  @param key           The cipher key 
+  @param keylen        The length of the cipher key in octets
+  @param tweak         The tweak value (second key), must be 128-bits
+  @param num_rounds    The number of rounds for the cipher (0 == default)
+  @param lrw           [out] The LRW state
+  @return CRYPT_OK on success.
+*/
+int lrw_start(               int   cipher,
+              const unsigned char *IV,
+              const unsigned char *key,       int keylen,
+              const unsigned char *tweak,
+                             int  num_rounds, 
+                   symmetric_LRW *lrw)
+{
+   int           err;
+#ifdef LRW_TABLES
+   unsigned char B[16];
+   int           x, y, z, t;
+#endif
+
+  LTC_ARGCHK(IV    != NULL);
+  LTC_ARGCHK(key   != NULL);
+  LTC_ARGCHK(tweak != NULL);
+  LTC_ARGCHK(lrw   != NULL);
+
+#ifdef LTC_FAST
+   if (16 % sizeof(LTC_FAST_TYPE)) {
+      return CRYPT_INVALID_ARG;
+   }
+#endif
+
+   /* is cipher valid? */
+   if ((err = cipher_is_valid(cipher)) != CRYPT_OK) {
+      return err;
+   }
+   if (cipher_descriptor[cipher].block_length != 16) {
+      return CRYPT_INVALID_CIPHER;
+   }
+
+   /* schedule key */
+   if ((err = cipher_descriptor[cipher].setup(key, keylen, num_rounds, &lrw->key)) != CRYPT_OK) {
+      return err;
+   }
+   lrw->cipher = cipher;
+
+   /* copy the IV and tweak */
+   XMEMCPY(lrw->tweak, tweak, 16);
+
+#ifdef LRW_TABLES
+   /* setup tables */
+   /* generate the first table as it has no shifting (from which we make the other tables) */
+   zeromem(B, 16);
+   for (y = 0; y < 256; y++) {
+        B[0] = y;
+        gcm_gf_mult(tweak, B, &lrw->PC[0][y][0]);
+   }
+
+   /* now generate the rest of the tables based the previous table */
+   for (x = 1; x < 16; x++) {
+      for (y = 0; y < 256; y++) {
+         /* now shift it right by 8 bits */
+         t = lrw->PC[x-1][y][15];
+         for (z = 15; z > 0; z--) {
+             lrw->PC[x][y][z] = lrw->PC[x-1][y][z-1];
+         }
+         lrw->PC[x][y][0]  = gcm_shift_table[t<<1];
+         lrw->PC[x][y][1] ^= gcm_shift_table[(t<<1)+1];
+     }
+  }
+#endif
+
+   /* generate first pad */
+   return lrw_setiv(IV, 16, lrw);
+}
+
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/lrw/lrw_start.c,v $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/06/29 01:53:13 $ */
diff --git a/libtomcrypt/src/modes/lrw/lrw_test.c b/libtomcrypt/src/modes/lrw/lrw_test.c
new file mode 100644
index 0000000..fe33845
--- /dev/null
+++ b/libtomcrypt/src/modes/lrw/lrw_test.c
@@ -0,0 +1,136 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+   @file lrw_test.c
+   LRW_MODE implementation, test LRW, Tom St Denis
+*/
+
+#ifdef LTC_LRW_MODE
+
+/**
+  Test LRW against specs
+  @return CRYPT_OK if goodly
+*/
+int lrw_test(void)
+{
+#ifndef  LTC_TEST
+   return CRYPT_NOP;
+#else
+   static const struct {
+      unsigned char key[16], tweak[16], IV[16], P[16], expected_tweak[16], C[16];
+   } tests[] = {
+
+{
+{ 0x45, 0x62, 0xac, 0x25, 0xf8, 0x28, 0x17, 0x6d, 0x4c, 0x26, 0x84, 0x14, 0xb5, 0x68, 0x01, 0x85 },
+{ 0x25, 0x8e, 0x2a, 0x05, 0xe7, 0x3e, 0x9d, 0x03, 0xee, 0x5a, 0x83, 0x0c, 0xcc, 0x09, 0x4c, 0x87 },
+{ 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+{ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
+{ 0x25, 0x8e, 0x2a, 0x05, 0xe7, 0x3e, 0x9d, 0x03, 0xee, 0x5a, 0x83, 0x0c, 0xcc, 0x09, 0x4c, 0x87 },
+{ 0xf1, 0xb2, 0x73, 0xcd, 0x65, 0xa3, 0xdf, 0x5f, 0xe9, 0x5d, 0x48, 0x92, 0x54, 0x63, 0x4e, 0xb8 }
+},
+
+{
+{ 0x59, 0x70, 0x47, 0x14, 0xf5, 0x57, 0x47, 0x8c, 0xd7, 0x79, 0xe8, 0x0f, 0x54, 0x88, 0x79, 0x44 },
+{ 0x35, 0x23, 0xc2, 0xde, 0xc5, 0x69, 0x4f, 0xa8, 0x72, 0xa9, 0xac, 0xa7, 0x0b, 0x2b, 0xee, 0xbc },
+{ 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+{ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
+{ 0x1a, 0x91, 0xe1, 0x6f, 0x62, 0xb4, 0xa7, 0xd4, 0x39, 0x54, 0xd6, 0x53, 0x85, 0x95, 0xf7, 0x5e },
+{ 0x00, 0xc8, 0x2b, 0xae, 0x95, 0xbb, 0xcd, 0xe5, 0x27, 0x4f, 0x07, 0x69, 0xb2, 0x60, 0xe1, 0x36 },
+},
+
+{
+{ 0x59, 0x70, 0x47, 0x14, 0xf5, 0x57, 0x47, 0x8c, 0xd7, 0x79, 0xe8, 0x0f, 0x54, 0x88, 0x79, 0x44 },
+{ 0x67, 0x53, 0xc9, 0x0c, 0xb7, 0xd8, 0xcd, 0xe5, 0x06, 0xa0, 0x47, 0x78, 0x1a, 0xad, 0x85, 0x11 },
+{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 },
+{ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
+{ 0x1a, 0x91, 0xe1, 0x6f, 0x62, 0xb4, 0xa7, 0xd4, 0x39, 0x54, 0xd6, 0x53, 0x85, 0x95, 0xf7, 0x5e },
+{ 0x00, 0xc8, 0x2b, 0xae, 0x95, 0xbb, 0xcd, 0xe5, 0x27, 0x4f, 0x07, 0x69, 0xb2, 0x60, 0xe1, 0x36 },
+},
+
+{
+
+{ 0xd8, 0x2a, 0x91, 0x34, 0xb2, 0x6a, 0x56, 0x50, 0x30, 0xfe, 0x69, 0xe2, 0x37, 0x7f, 0x98, 0x47 },
+{ 0x4e, 0xb5, 0x5d, 0x31, 0x05, 0x97, 0x3a, 0x3f, 0x5e, 0x23, 0xda, 0xfb, 0x5a, 0x45, 0xd6, 0xc0 },
+{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00 },
+{ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46 },
+{ 0x18, 0xc9, 0x1f, 0x6d, 0x60, 0x1a, 0x1a, 0x37, 0x5d, 0x0b, 0x0e, 0xf7, 0x3a, 0xd5, 0x74, 0xc4 },
+{ 0x76, 0x32, 0x21, 0x83, 0xed, 0x8f, 0xf1, 0x82, 0xf9, 0x59, 0x62, 0x03, 0x69, 0x0e, 0x5e, 0x01 },
+
+}
+};
+
+  int idx, err, x;
+  symmetric_LRW lrw;
+  unsigned char buf[2][16];
+
+  idx = find_cipher("aes");
+  if (idx == -1) {
+     idx = find_cipher("rijndael");
+     if (idx == -1) {
+        return CRYPT_NOP;
+     }
+  }
+
+  for (x = 0; x < (int)(sizeof(tests)/sizeof(tests[0])); x++) {
+     /* schedule it */
+     if ((err = lrw_start(idx, tests[x].IV, tests[x].key, 16, tests[x].tweak, 0, &lrw)) != CRYPT_OK) {
+        return err;
+     }
+
+     /* check pad against expected tweak */
+     if (XMEMCMP(tests[x].expected_tweak, lrw.pad, 16)) {
+        lrw_done(&lrw);
+        return CRYPT_FAIL_TESTVECTOR;
+     }
+
+     /* process block */
+     if ((err = lrw_encrypt(tests[x].P, buf[0], 16, &lrw)) != CRYPT_OK) {
+        lrw_done(&lrw);
+        return err;
+     }
+
+     if (XMEMCMP(buf[0], tests[x].C, 16)) {
+        lrw_done(&lrw);
+        return CRYPT_FAIL_TESTVECTOR;
+     }
+
+     /* process block */
+     if ((err = lrw_setiv(tests[x].IV, 16, &lrw)) != CRYPT_OK) { 
+        lrw_done(&lrw);
+        return err;
+     }
+
+     if ((err = lrw_decrypt(buf[0], buf[1], 16, &lrw)) != CRYPT_OK) {
+        lrw_done(&lrw);
+        return err;
+     }
+
+     if (XMEMCMP(buf[1], tests[x].P, 16)) {
+        lrw_done(&lrw);
+        return CRYPT_FAIL_TESTVECTOR;
+     }
+     if ((err = lrw_done(&lrw)) != CRYPT_OK) {
+        return err;
+     }
+   }
+   return CRYPT_OK;
+#endif
+}
+
+#endif
+
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/modes/lrw/lrw_test.c,v $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/06/29 01:53:13 $ */
diff --git a/libtomcrypt/src/modes/ofb/ofb_decrypt.c b/libtomcrypt/src/modes/ofb/ofb_decrypt.c
index cf5f19d..1ada1ed 100644
--- a/libtomcrypt/src/modes/ofb/ofb_decrypt.c
+++ b/libtomcrypt/src/modes/ofb/ofb_decrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   OFB implementation, decrypt data, Tom St Denis
 */
 
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 
 /**
    OFB decrypt
@@ -39,5 +39,5 @@ int ofb_decrypt(const unsigned char *ct, unsigned char *pt, unsigned long len, s
  
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_decrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/ofb/ofb_done.c b/libtomcrypt/src/modes/ofb/ofb_done.c
index 5e114f4..50a9de2 100644
--- a/libtomcrypt/src/modes/ofb/ofb_done.c
+++ b/libtomcrypt/src/modes/ofb/ofb_done.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    OFB implementation, finish chain, Tom St Denis
 */
 
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 
 /** Terminate the chain
   @param ofb    The OFB chain to terminate
@@ -38,5 +38,5 @@ int ofb_done(symmetric_OFB *ofb)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_done.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/ofb/ofb_encrypt.c b/libtomcrypt/src/modes/ofb/ofb_encrypt.c
index d66979a..2c19f1d 100644
--- a/libtomcrypt/src/modes/ofb/ofb_encrypt.c
+++ b/libtomcrypt/src/modes/ofb/ofb_encrypt.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
   OFB implementation, encrypt data, Tom St Denis
 */
 
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 
 /**
   OFB encrypt
@@ -43,10 +43,12 @@ int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
    
    while (len-- > 0) {
        if (ofb->padlen == ofb->blocklen) {
-          cipher_descriptor[ofb->cipher].ecb_encrypt(ofb->IV, ofb->IV, &ofb->key);
+          if ((err = cipher_descriptor[ofb->cipher].ecb_encrypt(ofb->IV, ofb->IV, &ofb->key)) != CRYPT_OK) {
+             return err;
+          }
           ofb->padlen = 0;
        }
-       *ct++ = *pt++ ^ ofb->IV[ofb->padlen++];
+       *ct++ = *pt++ ^ ofb->IV[(ofb->padlen)++];
    }
    return CRYPT_OK;
 }
@@ -54,5 +56,5 @@ int ofb_encrypt(const unsigned char *pt, unsigned char *ct, unsigned long len, s
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_encrypt.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/26 01:45:14 $ */
diff --git a/libtomcrypt/src/modes/ofb/ofb_getiv.c b/libtomcrypt/src/modes/ofb/ofb_getiv.c
index f945fff..641d14b 100644
--- a/libtomcrypt/src/modes/ofb/ofb_getiv.c
+++ b/libtomcrypt/src/modes/ofb/ofb_getiv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    OFB implementation, get IV, Tom St Denis
 */
 
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 
 /**
    Get the current initial vector
@@ -30,6 +30,7 @@ int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb)
    LTC_ARGCHK(len != NULL);
    LTC_ARGCHK(ofb != NULL);
    if ((unsigned long)ofb->blocklen > *len) {
+      *len = ofb->blocklen;
       return CRYPT_BUFFER_OVERFLOW;
    }
    XMEMCPY(IV, ofb->IV, ofb->blocklen);
@@ -41,5 +42,5 @@ int ofb_getiv(unsigned char *IV, unsigned long *len, symmetric_OFB *ofb)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_getiv.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/ofb/ofb_setiv.c b/libtomcrypt/src/modes/ofb/ofb_setiv.c
index f678601..35a84e9 100644
--- a/libtomcrypt/src/modes/ofb/ofb_setiv.c
+++ b/libtomcrypt/src/modes/ofb/ofb_setiv.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -15,7 +15,7 @@
    OFB implementation, set IV, Tom St Denis
 */
 
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 
 /**
    Set an initial vector
@@ -41,13 +41,12 @@ int ofb_setiv(const unsigned char *IV, unsigned long len, symmetric_OFB *ofb)
 
    /* force next block */
    ofb->padlen = 0;
-   cipher_descriptor[ofb->cipher].ecb_encrypt(IV, ofb->IV, &ofb->key);
-   return CRYPT_OK;
+   return cipher_descriptor[ofb->cipher].ecb_encrypt(IV, ofb->IV, &ofb->key);
 }
 
 #endif 
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_setiv.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/modes/ofb/ofb_start.c b/libtomcrypt/src/modes/ofb/ofb_start.c
index 083e381..1f0f65a 100644
--- a/libtomcrypt/src/modes/ofb/ofb_start.c
+++ b/libtomcrypt/src/modes/ofb/ofb_start.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -16,7 +16,7 @@
 */
 
 
-#ifdef OFB
+#ifdef LTC_OFB_MODE
 
 /**
    Initialize a OFB context
@@ -56,5 +56,5 @@ int ofb_start(int cipher, const unsigned char *IV, const unsigned char *key,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/modes/ofb/ofb_start.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/29 01:51:34 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/bit/der_decode_bit_string.c b/libtomcrypt/src/pk/asn1/der/bit/der_decode_bit_string.c
index da5b989..1d3569c 100644
--- a/libtomcrypt/src/pk/asn1/der/bit/der_decode_bit_string.c
+++ b/libtomcrypt/src/pk/asn1/der/bit/der_decode_bit_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -51,7 +51,7 @@ int der_decode_bit_string(const unsigned char *in,  unsigned long inlen,
    /* get the length of the data */
    if (in[x] & 0x80) {
       /* long format get number of length bytes */
-      y = in[x++] & 127;
+      y = in[x++] & 0x7F;
 
       /* invalid if 0 or > 2 */
       if (y == 0 || y > 2) {
@@ -65,7 +65,7 @@ int der_decode_bit_string(const unsigned char *in,  unsigned long inlen,
       }
    } else {
       /* short format */
-      dlen = in[x++] & 127;
+      dlen = in[x++] & 0x7F;
    }
   
    /* is the data len too long or too short? */
@@ -78,6 +78,7 @@ int der_decode_bit_string(const unsigned char *in,  unsigned long inlen,
 
    /* too many bits? */
    if (blen > *outlen) {
+      *outlen = blen;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -97,5 +98,5 @@ int der_decode_bit_string(const unsigned char *in,  unsigned long inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/bit/der_decode_bit_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/bit/der_encode_bit_string.c b/libtomcrypt/src/pk/asn1/der/bit/der_encode_bit_string.c
index 569c15b..757963c 100644
--- a/libtomcrypt/src/pk/asn1/der/bit/der_encode_bit_string.c
+++ b/libtomcrypt/src/pk/asn1/der/bit/der_encode_bit_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -29,7 +29,8 @@
 int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
                                 unsigned char *out, unsigned long *outlen)
 {
-   unsigned long len, x, y, buf;
+   unsigned long len, x, y;
+   unsigned char buf;
    int           err;
 
    LTC_ARGCHK(in     != NULL);
@@ -42,6 +43,7 @@ int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
    }
 
    if (len > *outlen) {
+      *outlen = len;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -51,18 +53,18 @@ int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
 
    out[x++] = 0x03;
    if (y < 128) {
-      out[x++] = y;
+      out[x++] = (unsigned char)y;
    } else if (y < 256) {
       out[x++] = 0x81;
-      out[x++] = y;
+      out[x++] = (unsigned char)y;
    } else if (y < 65536) {
       out[x++] = 0x82;
-      out[x++] = (y>>8)&255;
-      out[x++] = y&255;
+      out[x++] = (unsigned char)((y>>8)&255);
+      out[x++] = (unsigned char)(y&255);
    }
 
    /* store number of zero padding bits */
-   out[x++] = (8 - inlen) & 7;
+   out[x++] = (unsigned char)((8 - inlen) & 7);
 
    /* store the bits in big endian format */
    for (y = buf = 0; y < inlen; y++) {
@@ -83,5 +85,5 @@ int der_encode_bit_string(const unsigned char *in, unsigned long inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/bit/der_encode_bit_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/bit/der_length_bit_string.c b/libtomcrypt/src/pk/asn1/der/bit/der_length_bit_string.c
index dd6ea6d..3dc2abf 100644
--- a/libtomcrypt/src/pk/asn1/der/bit/der_length_bit_string.c
+++ b/libtomcrypt/src/pk/asn1/der/bit/der_length_bit_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -50,5 +50,5 @@ int der_length_bit_string(unsigned long nbits, unsigned long *outlen)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/bit/der_length_bit_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/boolean/der_decode_boolean.c b/libtomcrypt/src/pk/asn1/der/boolean/der_decode_boolean.c
new file mode 100644
index 0000000..7259e51
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/boolean/der_decode_boolean.c
@@ -0,0 +1,47 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_boolean.c
+  ASN.1 DER, decode a BOOLEAN, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Read a BOOLEAN
+  @param in      The destination for the DER encoded BOOLEAN
+  @param inlen   The size of the DER BOOLEAN
+  @param out     [out]  The boolean to decode
+  @return CRYPT_OK if successful
+*/
+int der_decode_boolean(const unsigned char *in, unsigned long inlen,
+                                       int *out)
+{
+   LTC_ARGCHK(in  != NULL);
+   LTC_ARGCHK(out != NULL);
+   
+   if (inlen != 3 || in[0] != 0x01 || in[1] != 0x01 || (in[2] != 0x00 && in[2] != 0xFF)) {
+      return CRYPT_INVALID_ARG;
+   }
+   
+   *out = (in[2]==0xFF) ? 1 : 0;
+   
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/boolean/der_decode_boolean.c,v $ */
+/* $Revision: 1.1 $ */
+/* $Date: 2006/04/22 17:01:59 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/boolean/der_encode_boolean.c b/libtomcrypt/src/pk/asn1/der/boolean/der_encode_boolean.c
new file mode 100644
index 0000000..9344a79
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/boolean/der_encode_boolean.c
@@ -0,0 +1,51 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_boolean.c
+  ASN.1 DER, encode a BOOLEAN, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store a BOOLEAN
+  @param in       The boolean to encode
+  @param out      [out] The destination for the DER encoded BOOLEAN
+  @param outlen   [in/out] The max size and resulting size of the DER BOOLEAN
+  @return CRYPT_OK if successful
+*/
+int der_encode_boolean(int in, 
+                       unsigned char *out, unsigned long *outlen)
+{
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(out    != NULL);
+   
+   if (*outlen < 3) {
+       *outlen = 3;
+       return CRYPT_BUFFER_OVERFLOW;
+   }
+   
+   *outlen = 3;
+   out[0] = 0x01;
+   out[1] = 0x01;
+   out[2] = in ? 0xFF : 0x00;
+   
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/boolean/der_encode_boolean.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/boolean/der_length_boolean.c b/libtomcrypt/src/pk/asn1/der/boolean/der_length_boolean.c
new file mode 100644
index 0000000..cd5bf2d
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/boolean/der_length_boolean.c
@@ -0,0 +1,35 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_boolean.c
+  ASN.1 DER, get length of a BOOLEAN, Tom St Denis
+*/
+
+#ifdef LTC_DER
+/**
+  Gets length of DER encoding of a BOOLEAN 
+  @param outlen [out] The length of the DER encoding
+  @return CRYPT_OK if successful
+*/
+int der_length_boolean(unsigned long *outlen)
+{
+   LTC_ARGCHK(outlen != NULL);
+   *outlen = 3;
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/boolean/der_length_boolean.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/04/22 17:28:38 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/choice/der_decode_choice.c b/libtomcrypt/src/pk/asn1/der/choice/der_decode_choice.c
index 61cba11..4ff6f17 100644
--- a/libtomcrypt/src/pk/asn1/der/choice/der_decode_choice.c
+++ b/libtomcrypt/src/pk/asn1/der/choice/der_decode_choice.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -96,6 +96,7 @@ int der_decode_choice(const unsigned char *in,   unsigned long *inlen,
            case LTC_ASN1_NULL:
                if (*inlen == 2 && in[x] == 0x05 && in[x+1] == 0x00) {
                   *inlen = 2;
+                  list[x].used   = 1;
                   return CRYPT_OK;
                }
                break;
@@ -134,6 +135,17 @@ int der_decode_choice(const unsigned char *in,   unsigned long *inlen,
                }
                break;
 
+           case LTC_ASN1_UTF8_STRING:
+               if (der_decode_utf8_string(in, *inlen, data, &size) == CRYPT_OK) {
+                  if (der_length_utf8_string(data, size, &z) == CRYPT_OK) {
+                     list[x].used = 1;
+                     list[x].size = size;
+                     *inlen       = z;
+                     return CRYPT_OK;
+                  }
+               }
+               break;
+
            case LTC_ASN1_UTCTIME:
                z = *inlen;
                if (der_decode_utctime(in, &z, data) == CRYPT_OK) {
@@ -143,6 +155,8 @@ int der_decode_choice(const unsigned char *in,   unsigned long *inlen,
                }
                break;
 
+           case LTC_ASN1_SET:
+           case LTC_ASN1_SETOF:
            case LTC_ASN1_SEQUENCE:
                if (der_decode_sequence(in, *inlen, data, size) == CRYPT_OK) {
                   if (der_length_sequence(data, size, &z) == CRYPT_OK) {
@@ -164,5 +178,5 @@ int der_decode_choice(const unsigned char *in,   unsigned long *inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/choice/der_decode_choice.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/19 11:25:01 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/12/06 02:23:49 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/ia5/der_decode_ia5_string.c b/libtomcrypt/src/pk/asn1/der/ia5/der_decode_ia5_string.c
index ac0a4af..2514b77 100644
--- a/libtomcrypt/src/pk/asn1/der/ia5/der_decode_ia5_string.c
+++ b/libtomcrypt/src/pk/asn1/der/ia5/der_decode_ia5_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -67,6 +67,7 @@ int der_decode_ia5_string(const unsigned char *in, unsigned long inlen,
 
    /* is it too long? */
    if (len > *outlen) {
+      *outlen = len;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -91,5 +92,5 @@ int der_decode_ia5_string(const unsigned char *in, unsigned long inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/ia5/der_decode_ia5_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/ia5/der_encode_ia5_string.c b/libtomcrypt/src/pk/asn1/der/ia5/der_encode_ia5_string.c
index a79b46e..aff3392 100644
--- a/libtomcrypt/src/pk/asn1/der/ia5/der_encode_ia5_string.c
+++ b/libtomcrypt/src/pk/asn1/der/ia5/der_encode_ia5_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -42,6 +42,7 @@ int der_encode_ia5_string(const unsigned char *in, unsigned long inlen,
 
    /* too big? */
    if (len > *outlen) {
+      *outlen = len;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -49,19 +50,19 @@ int der_encode_ia5_string(const unsigned char *in, unsigned long inlen,
    x = 0;
    out[x++] = 0x16;
    if (inlen < 128) {
-      out[x++] = inlen;
+      out[x++] = (unsigned char)inlen;
    } else if (inlen < 256) {
       out[x++] = 0x81;
-      out[x++] = inlen;
+      out[x++] = (unsigned char)inlen;
    } else if (inlen < 65536UL) {
       out[x++] = 0x82;
-      out[x++] = (inlen>>8)&255;
-      out[x++] = inlen&255;
+      out[x++] = (unsigned char)((inlen>>8)&255);
+      out[x++] = (unsigned char)(inlen&255);
    } else if (inlen < 16777216UL) {
       out[x++] = 0x83;
-      out[x++] = (inlen>>16)&255;
-      out[x++] = (inlen>>8)&255;
-      out[x++] = inlen&255;
+      out[x++] = (unsigned char)((inlen>>16)&255);
+      out[x++] = (unsigned char)((inlen>>8)&255);
+      out[x++] = (unsigned char)(inlen&255);
    } else {
       return CRYPT_INVALID_ARG;
    }
@@ -80,5 +81,5 @@ int der_encode_ia5_string(const unsigned char *in, unsigned long inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/ia5/der_encode_ia5_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/ia5/der_length_ia5_string.c b/libtomcrypt/src/pk/asn1/der/ia5/der_length_ia5_string.c
index d07d630..6278dd2 100644
--- a/libtomcrypt/src/pk/asn1/der/ia5/der_length_ia5_string.c
+++ b/libtomcrypt/src/pk/asn1/der/ia5/der_length_ia5_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -190,5 +190,5 @@ int der_length_ia5_string(const unsigned char *octets, unsigned long noctets, un
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/ia5/der_length_ia5_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/integer/der_decode_integer.c b/libtomcrypt/src/pk/asn1/der/integer/der_decode_integer.c
index e68b2c9..aef87a3 100644
--- a/libtomcrypt/src/pk/asn1/der/integer/der_decode_integer.c
+++ b/libtomcrypt/src/pk/asn1/der/integer/der_decode_integer.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -25,7 +25,7 @@
   @param num      The first mp_int to decode
   @return CRYPT_OK if successful
 */
-int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num)
+int der_decode_integer(const unsigned char *in, unsigned long inlen, void *num)
 {
    unsigned long x, y, z;
    int           err;
@@ -56,7 +56,7 @@ int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num
       }
      
       /* no so read it */
-      if ((err = mpi_to_ltc_error(mp_read_unsigned_bin(num, (unsigned char *)in + x, z))) != CRYPT_OK) {
+      if ((err = mp_read_unsigned_bin(num, (unsigned char *)in + x, z)) != CRYPT_OK) {
          return err;
       }
    } else {
@@ -80,23 +80,23 @@ int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num
       }
 
       /* no so read it */
-      if ((err = mpi_to_ltc_error(mp_read_unsigned_bin(num, (unsigned char *)in + x, y))) != CRYPT_OK) {
+      if ((err = mp_read_unsigned_bin(num, (unsigned char *)in + x, y)) != CRYPT_OK) {
          return err;
       }
    }
 
    /* see if it's negative */
    if (in[x] & 0x80) {
-      mp_int tmp;
-      if (mp_init(&tmp) != MP_OKAY) {
+      void *tmp;
+      if (mp_init(&tmp) != CRYPT_OK) {
          return CRYPT_MEM;
       }
 
-      if (mp_2expt(&tmp, mp_count_bits(num)) != MP_OKAY || mp_sub(num, &tmp, num) != MP_OKAY) {
-         mp_clear(&tmp);
+      if (mp_2expt(tmp, mp_count_bits(num)) != CRYPT_OK || mp_sub(num, tmp, num) != CRYPT_OK) {
+         mp_clear(tmp);
          return CRYPT_MEM;
       }
-      mp_clear(&tmp);
+      mp_clear(tmp);
    } 
 
    return CRYPT_OK;
@@ -106,5 +106,5 @@ int der_decode_integer(const unsigned char *in, unsigned long inlen, mp_int *num
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/integer/der_decode_integer.c,v $ */
-/* $Revision: 1.2 $ */
-/* $Date: 2005/06/01 00:06:05 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/integer/der_encode_integer.c b/libtomcrypt/src/pk/asn1/der/integer/der_encode_integer.c
index f0f41be..ff4fce6 100644
--- a/libtomcrypt/src/pk/asn1/der/integer/der_encode_integer.c
+++ b/libtomcrypt/src/pk/asn1/der/integer/der_encode_integer.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -26,7 +26,7 @@
   @param outlen   [in/out] The max size and resulting size of the DER encoded integers
   @return CRYPT_OK if successful
 */
-int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen)
+int der_encode_integer(void *num, unsigned char *out, unsigned long *outlen)
 {  
    unsigned long tmplen, y;
    int           err, leading_zero;
@@ -41,12 +41,13 @@ int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen)
    }
 
    if (*outlen < tmplen) {
+      *outlen = tmplen;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
-   if (mp_cmp_d(num, 0) != MP_LT) {
+   if (mp_cmp_d(num, 0) != LTC_MP_LT) {
       /* we only need a leading zero if the msb of the first byte is one */
-      if ((mp_count_bits(num) & 7) == 0 || mp_iszero(num) == MP_YES) {
+      if ((mp_count_bits(num) & 7) == 0 || mp_iszero(num) == LTC_MP_YES) {
          leading_zero = 1;
       } else {
          leading_zero = 0;
@@ -59,7 +60,7 @@ int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen)
       y            = mp_count_bits(num);
       y            = y + (8 - (y & 7));
       y            = y >> 3;
-
+      if (((mp_cnt_lsb(num)+1)==mp_count_bits(num)) && ((mp_count_bits(num)&7)==0)) --y;
    }
 
    /* now store initial data */
@@ -69,16 +70,16 @@ int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen)
       *out++ = (unsigned char)y;
    } else if (y < 256) {
       *out++ = 0x81;
-      *out++ = y;
+      *out++ = (unsigned char)y;
    } else if (y < 65536UL) {
       *out++ = 0x82;
-      *out++ = (y>>8)&255;
-      *out++ = y;
+      *out++ = (unsigned char)((y>>8)&255);
+      *out++ = (unsigned char)y;
    } else if (y < 16777216UL) {
       *out++ = 0x83;
-      *out++ = (y>>16)&255;
-      *out++ = (y>>8)&255;
-      *out++ = y;
+      *out++ = (unsigned char)((y>>16)&255);
+      *out++ = (unsigned char)((y>>8)&255);
+      *out++ = (unsigned char)y;
    } else {
       return CRYPT_INVALID_ARG;
    }
@@ -89,31 +90,32 @@ int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen)
    }
 
    /* if it's not zero store it as big endian */
-   if (mp_cmp_d(num, 0) == MP_GT) {
+   if (mp_cmp_d(num, 0) == LTC_MP_GT) {
       /* now store the mpint */
-      if ((err = mp_to_unsigned_bin(num, out)) != MP_OKAY) {
-          return mpi_to_ltc_error(err);
+      if ((err = mp_to_unsigned_bin(num, out)) != CRYPT_OK) {
+          return err;
       }
-   } else if (mp_iszero(num) != MP_YES) {
-      mp_int tmp;
+   } else if (mp_iszero(num) != LTC_MP_YES) {
+      void *tmp;
+         
       /* negative */
-      if (mp_init(&tmp) != MP_OKAY) {
+      if (mp_init(&tmp) != CRYPT_OK) {
          return CRYPT_MEM;
       }
 
       /* 2^roundup and subtract */
       y = mp_count_bits(num);
       y = y + (8 - (y & 7));
-      if (mp_2expt(&tmp, y) != MP_OKAY || mp_add(&tmp, num, &tmp) != MP_OKAY) {
-         mp_clear(&tmp);
+      if (((mp_cnt_lsb(num)+1)==mp_count_bits(num)) && ((mp_count_bits(num)&7)==0)) y -= 8;
+      if (mp_2expt(tmp, y) != CRYPT_OK || mp_add(tmp, num, tmp) != CRYPT_OK) {
+         mp_clear(tmp);
          return CRYPT_MEM;
       }
-
-      if ((err = mp_to_unsigned_bin(&tmp, out)) != MP_OKAY) {
-         mp_clear(&tmp);
-         return mpi_to_ltc_error(err);
+      if ((err = mp_to_unsigned_bin(tmp, out)) != CRYPT_OK) {
+         mp_clear(tmp);
+         return err;
       }
-      mp_clear(&tmp);
+      mp_clear(tmp);
    }
 
    /* we good */
@@ -124,5 +126,5 @@ int der_encode_integer(mp_int *num, unsigned char *out, unsigned long *outlen)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/integer/der_encode_integer.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/integer/der_length_integer.c b/libtomcrypt/src/pk/asn1/der/integer/der_length_integer.c
index 1bfee45..bcc331d 100644
--- a/libtomcrypt/src/pk/asn1/der/integer/der_length_integer.c
+++ b/libtomcrypt/src/pk/asn1/der/integer/der_length_integer.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -19,11 +19,11 @@
 #ifdef LTC_DER
 /**
   Gets length of DER encoding of num 
-  @param num    The mp_int to get the size of 
+  @param num    The int to get the size of 
   @param outlen [out] The length of the DER encoding for the given integer
   @return CRYPT_OK if successful
 */
-int der_length_integer(mp_int *num, unsigned long *outlen)
+int der_length_integer(void *num, unsigned long *outlen)
 {
    unsigned long z, len;
    int           leading_zero;
@@ -31,11 +31,11 @@ int der_length_integer(mp_int *num, unsigned long *outlen)
    LTC_ARGCHK(num     != NULL);
    LTC_ARGCHK(outlen  != NULL);
 
-   if (mp_cmp_d(num, 0) != MP_LT) {
+   if (mp_cmp_d(num, 0) != LTC_MP_LT) {
       /* positive */
 
       /* we only need a leading zero if the msb of the first byte is one */
-      if ((mp_count_bits(num) & 7) == 0 || mp_iszero(num) == MP_YES) {
+      if ((mp_count_bits(num) & 7) == 0 || mp_iszero(num) == LTC_MP_YES) {
          leading_zero = 1;
       } else {
          leading_zero = 0;
@@ -49,6 +49,7 @@ int der_length_integer(mp_int *num, unsigned long *outlen)
       leading_zero = 0;
       z = mp_count_bits(num);
       z = z + (8 - (z & 7));
+      if (((mp_cnt_lsb(num)+1)==mp_count_bits(num)) && ((mp_count_bits(num)&7)==0)) --z;
       len = z = z >> 3;
    }
 
@@ -77,5 +78,5 @@ int der_length_integer(mp_int *num, unsigned long *outlen)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/integer/der_length_integer.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/04/22 01:22:55 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c b/libtomcrypt/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c
index c69c9a3..1fa87d8 100644
--- a/libtomcrypt/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c
+++ b/libtomcrypt/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -67,14 +67,8 @@ int der_decode_object_identifier(const unsigned char *in,    unsigned long  inle
       return CRYPT_INVALID_PACKET;
    }
 
-   /* decode word1 and word2 */
-   --len;
-   t = in[x++];
-   words[0] = t/40;
-   words[1] = t%40;
-
-   /* decode rest */
-   y = 2;
+   /* decode words */
+   y = 0;
    t = 0;
    while (len--) {
        t = (t << 7) | (in[x] & 0x7F);
@@ -83,7 +77,13 @@ int der_decode_object_identifier(const unsigned char *in,    unsigned long  inle
            if (y >= *outlen) {
               return CRYPT_BUFFER_OVERFLOW;
            }
-           words[y++] = t;
+      if (y == 0) {
+         words[0] = t / 40;
+         words[1] = t % 40;
+         y = 2;
+      } else {
+              words[y++] = t;
+      }
            t          = 0;
        }
    }
@@ -95,5 +95,5 @@ int der_decode_object_identifier(const unsigned char *in,    unsigned long  inle
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/object_identifier/der_decode_object_identifier.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/11/21 00:18:23 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c b/libtomcrypt/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c
index 16eb112..b343aaa 100644
--- a/libtomcrypt/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c
+++ b/libtomcrypt/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -27,7 +27,7 @@
 int der_encode_object_identifier(unsigned long *words, unsigned long  nwords,
                                  unsigned char *out,   unsigned long *outlen)
 {
-   unsigned long i, x, y, z, t, mask;
+   unsigned long i, x, y, z, t, mask, wordbuf;
    int           err;
 
    LTC_ARGCHK(words  != NULL);
@@ -39,50 +39,54 @@ int der_encode_object_identifier(unsigned long *words, unsigned long  nwords,
       return err;
    }
    if (x > *outlen) {
+      *outlen = x;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
    /* compute length to store OID data */
-   z = 1;
-   for (y = 2; y < nwords; y++) {
-       t = der_object_identifier_bits(words[y]);
-       z += t/7 + ((t%7) ? 1 : 0);
+   z = 0;
+   wordbuf = words[0] * 40 + words[1];
+   for (y = 1; y < nwords; y++) {
+       t = der_object_identifier_bits(wordbuf);
+       z += t/7 + ((t%7) ? 1 : 0) + (wordbuf == 0 ? 1 : 0);
+       if (y < nwords - 1) {
+          wordbuf = words[y + 1];
+       }
    }
 
    /* store header + length */
    x = 0; 
    out[x++] = 0x06;
    if (z < 128) {
-      out[x++] = z;
+      out[x++] = (unsigned char)z;
    } else if (z < 256) {
       out[x++] = 0x81;
-      out[x++] = z;
+      out[x++] = (unsigned char)z;
    } else if (z < 65536UL) {
       out[x++] = 0x82;
-      out[x++] = (z>>8)&255;
-      out[x++] = z&255;
+      out[x++] = (unsigned char)((z>>8)&255);
+      out[x++] = (unsigned char)(z&255);
    } else {
       return CRYPT_INVALID_ARG;
    }
 
    /* store first byte */
-   out[x++] = words[0] * 40 + words[1];   
-   
-    for (i = 2; i < nwords; i++) {
+    wordbuf = words[0] * 40 + words[1];   
+    for (i = 1; i < nwords; i++) {
         /* store 7 bit words in little endian */
-        t    = words[i] & 0xFFFFFFFF;
+        t    = wordbuf & 0xFFFFFFFF;
         if (t) {
            y    = x;
            mask = 0;
            while (t) {
-               out[x++] = (t & 0x7F) | mask;
+               out[x++] = (unsigned char)((t & 0x7F) | mask);
                t    >>= 7;
                mask  |= 0x80;  /* upper bit is set on all but the last byte */
            }
            /* now swap bytes y...x-1 */
            z = x - 1;
            while (y < z) {
-               t = out[y]; out[y] = out[z]; out[z] = t;
+               t = out[y]; out[y] = out[z]; out[z] = (unsigned char)t;
                ++y; 
                --z;
            }
@@ -90,6 +94,10 @@ int der_encode_object_identifier(unsigned long *words, unsigned long  nwords,
           /* zero word */
           out[x++] = 0x00;
        }
+       
+       if (i < nwords - 1) {
+          wordbuf = words[i + 1];
+       }
    }
 
    *outlen = x;
@@ -99,5 +107,5 @@ int der_encode_object_identifier(unsigned long *words, unsigned long  nwords,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/object_identifier/der_encode_object_identifier.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/object_identifier/der_length_object_identifier.c b/libtomcrypt/src/pk/asn1/der/object_identifier/der_length_object_identifier.c
index d03d1a7..a4cf53f 100644
--- a/libtomcrypt/src/pk/asn1/der/object_identifier/der_length_object_identifier.c
+++ b/libtomcrypt/src/pk/asn1/der/object_identifier/der_length_object_identifier.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -39,7 +39,7 @@ unsigned long der_object_identifier_bits(unsigned long x)
 */
 int der_length_object_identifier(unsigned long *words, unsigned long nwords, unsigned long *outlen)
 {
-   unsigned long y, z, t;   
+   unsigned long y, z, t, wordbuf;   
 
    LTC_ARGCHK(words  != NULL);
    LTC_ARGCHK(outlen != NULL);
@@ -50,16 +50,21 @@ int der_length_object_identifier(unsigned long *words, unsigned long nwords, uns
       return CRYPT_INVALID_ARG;
    }
 
-   /* word1 = 0,1,2 and word2 0..39 */
-   if (words[0] > 2 || words[1] > 39) {
+   /* word1 = 0,1,2,3 and word2 0..39 */
+   if (words[0] > 3 || (words[0] < 2 && words[1] > 39)) {
       return CRYPT_INVALID_ARG;
    }
 
-   /* leading byte of first two words */
-   z = 1;
-   for (y = 2; y < nwords; y++) {
-       t = der_object_identifier_bits(words[y]);
-       z += t/7 + ((t%7) ? 1 : 0);
+   /* leading word is the first two */
+   z = 0;
+   wordbuf = words[0] * 40 + words[1];
+   for (y = 1; y < nwords; y++) {
+       t = der_object_identifier_bits(wordbuf);
+       z += t/7 + ((t%7) ? 1 : 0) + (wordbuf == 0 ? 1 : 0);
+       if (y < nwords - 1) {
+          /* grab next word */
+          wordbuf = words[y+1];
+       }
    }
 
    /* now depending on the length our length encoding changes */
@@ -80,5 +85,5 @@ int der_length_object_identifier(unsigned long *words, unsigned long nwords, uns
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/object_identifier/der_length_object_identifier.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/04/16 20:17:42 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/octet/der_decode_octet_string.c b/libtomcrypt/src/pk/asn1/der/octet/der_decode_octet_string.c
index 2d3800f..b937e63 100644
--- a/libtomcrypt/src/pk/asn1/der/octet/der_decode_octet_string.c
+++ b/libtomcrypt/src/pk/asn1/der/octet/der_decode_octet_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -66,6 +66,7 @@ int der_decode_octet_string(const unsigned char *in, unsigned long inlen,
 
    /* is it too long? */
    if (len > *outlen) {
+      *outlen = len;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -86,5 +87,5 @@ int der_decode_octet_string(const unsigned char *in, unsigned long inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/octet/der_decode_octet_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/octet/der_encode_octet_string.c b/libtomcrypt/src/pk/asn1/der/octet/der_encode_octet_string.c
index f34b708..fe0f163 100644
--- a/libtomcrypt/src/pk/asn1/der/octet/der_encode_octet_string.c
+++ b/libtomcrypt/src/pk/asn1/der/octet/der_encode_octet_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -43,6 +43,7 @@ int der_encode_octet_string(const unsigned char *in, unsigned long inlen,
 
    /* too big? */
    if (len > *outlen) {
+      *outlen = len;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -50,19 +51,19 @@ int der_encode_octet_string(const unsigned char *in, unsigned long inlen,
    x = 0;
    out[x++] = 0x04;
    if (inlen < 128) {
-      out[x++] = inlen;
+      out[x++] = (unsigned char)inlen;
    } else if (inlen < 256) {
       out[x++] = 0x81;
-      out[x++] = inlen;
+      out[x++] = (unsigned char)inlen;
    } else if (inlen < 65536UL) {
       out[x++] = 0x82;
-      out[x++] = (inlen>>8)&255;
-      out[x++] = inlen&255;
+      out[x++] = (unsigned char)((inlen>>8)&255);
+      out[x++] = (unsigned char)(inlen&255);
    } else if (inlen < 16777216UL) {
       out[x++] = 0x83;
-      out[x++] = (inlen>>16)&255;
-      out[x++] = (inlen>>8)&255;
-      out[x++] = inlen&255;
+      out[x++] = (unsigned char)((inlen>>16)&255);
+      out[x++] = (unsigned char)((inlen>>8)&255);
+      out[x++] = (unsigned char)(inlen&255);
    } else {
       return CRYPT_INVALID_ARG;
    }
@@ -81,5 +82,5 @@ int der_encode_octet_string(const unsigned char *in, unsigned long inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/octet/der_encode_octet_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/octet/der_length_octet_string.c b/libtomcrypt/src/pk/asn1/der/octet/der_length_octet_string.c
index 9a0bed3..3caf352 100644
--- a/libtomcrypt/src/pk/asn1/der/octet/der_length_octet_string.c
+++ b/libtomcrypt/src/pk/asn1/der/octet/der_length_octet_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -49,5 +49,5 @@ int der_length_octet_string(unsigned long noctets, unsigned long *outlen)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/octet/der_length_octet_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/16 15:08:11 $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/printable_string/der_decode_printable_string.c b/libtomcrypt/src/pk/asn1/der/printable_string/der_decode_printable_string.c
index cbc9239..cae96d8 100644
--- a/libtomcrypt/src/pk/asn1/der/printable_string/der_decode_printable_string.c
+++ b/libtomcrypt/src/pk/asn1/der/printable_string/der_decode_printable_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -67,6 +67,7 @@ int der_decode_printable_string(const unsigned char *in, unsigned long inlen,
 
    /* is it too long? */
    if (len > *outlen) {
+      *outlen = len;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -91,5 +92,5 @@ int der_decode_printable_string(const unsigned char *in, unsigned long inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/printable_string/der_decode_printable_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/21 02:29:54 $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/printable_string/der_encode_printable_string.c b/libtomcrypt/src/pk/asn1/der/printable_string/der_encode_printable_string.c
index ab4e8bf..9061b1f 100644
--- a/libtomcrypt/src/pk/asn1/der/printable_string/der_encode_printable_string.c
+++ b/libtomcrypt/src/pk/asn1/der/printable_string/der_encode_printable_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -42,6 +42,7 @@ int der_encode_printable_string(const unsigned char *in, unsigned long inlen,
 
    /* too big? */
    if (len > *outlen) {
+      *outlen = len;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -49,19 +50,19 @@ int der_encode_printable_string(const unsigned char *in, unsigned long inlen,
    x = 0;
    out[x++] = 0x13;
    if (inlen < 128) {
-      out[x++] = inlen;
+      out[x++] = (unsigned char)inlen;
    } else if (inlen < 256) {
       out[x++] = 0x81;
-      out[x++] = inlen;
+      out[x++] = (unsigned char)inlen;
    } else if (inlen < 65536UL) {
       out[x++] = 0x82;
-      out[x++] = (inlen>>8)&255;
-      out[x++] = inlen&255;
+      out[x++] = (unsigned char)((inlen>>8)&255);
+      out[x++] = (unsigned char)(inlen&255);
    } else if (inlen < 16777216UL) {
       out[x++] = 0x83;
-      out[x++] = (inlen>>16)&255;
-      out[x++] = (inlen>>8)&255;
-      out[x++] = inlen&255;
+      out[x++] = (unsigned char)((inlen>>16)&255);
+      out[x++] = (unsigned char)((inlen>>8)&255);
+      out[x++] = (unsigned char)(inlen&255);
    } else {
       return CRYPT_INVALID_ARG;
    }
@@ -80,5 +81,5 @@ int der_encode_printable_string(const unsigned char *in, unsigned long inlen,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/printable_string/der_encode_printable_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/21 02:29:54 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/printable_string/der_length_printable_string.c b/libtomcrypt/src/pk/asn1/der/printable_string/der_length_printable_string.c
index 34065f2..799b6b6 100644
--- a/libtomcrypt/src/pk/asn1/der/printable_string/der_length_printable_string.c
+++ b/libtomcrypt/src/pk/asn1/der/printable_string/der_length_printable_string.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -162,5 +162,5 @@ int der_length_printable_string(const unsigned char *octets, unsigned long nocte
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/printable_string/der_length_printable_string.c,v $ */
-/* $Revision: 1.1 $ */
-/* $Date: 2005/05/21 02:29:54 $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence.c b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_ex.c
index 335a882..1f65602 100644
--- a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence.c
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_ex.c
@@ -6,14 +6,14 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <stdarg.h>
 
 
 /**
-  @file der_decode_sequence.c
+  @file der_decode_sequence_ex.c
   ASN.1 DER, decode a SEQUENCE, Tom St Denis
 */
 
@@ -25,10 +25,11 @@
    @param inlen    The size of the input
    @param list     The list of items to decode
    @param outlen   The number of items in the list
+   @param ordered  Search an unordeded or ordered list
    @return CRYPT_OK on success
 */
-int der_decode_sequence(const unsigned char *in,   unsigned long  inlen,
-                              ltc_asn1_list *list, unsigned long  outlen)
+int der_decode_sequence_ex(const unsigned char *in, unsigned long  inlen,
+                           ltc_asn1_list *list,     unsigned long  outlen, int ordered)
 {
    int           err, type;
    unsigned long size, x, y, z, i, blksize;
@@ -36,17 +37,18 @@ int der_decode_sequence(const unsigned char *in,   unsigned long  inlen,
 
    LTC_ARGCHK(in   != NULL);
    LTC_ARGCHK(list != NULL);
-
+   
    /* get blk size */
    if (inlen < 2) {
       return CRYPT_INVALID_PACKET;
    }
 
-   /* sequence type? */
+   /* sequence type? We allow 0x30 SEQUENCE and 0x31 SET since fundamentally they're the same structure */
    x = 0;
-   if (in[x++] != 0x30) {
+   if (in[x] != 0x30 && in[x] != 0x31) {
       return CRYPT_INVALID_PACKET;
    }
+   ++x;
 
    if (in[x] < 128) {
       blksize = in[x++];
@@ -73,154 +75,205 @@ int der_decode_sequence(const unsigned char *in,   unsigned long  inlen,
      return CRYPT_INVALID_PACKET;
   }
 
+   /* mark all as unused */
+   for (i = 0; i < outlen; i++) {
+       list[i].used = 0;
+   }     
+
   /* ok read data */
    inlen = blksize;
    for (i = 0; i < outlen; i++) {
+       z    = 0;
        type = list[i].type;
        size = list[i].size;
        data = list[i].data;
+       if (!ordered && list[i].used == 1) { continue; }
 
        if (type == LTC_ASN1_EOL) { 
           break;
        }
 
        switch (type) {
+           case LTC_ASN1_BOOLEAN:
+               z = inlen;
+               if ((err = der_decode_boolean(in + x, z, ((int *)data))) != CRYPT_OK) {
+                   goto LBL_ERR;
+               }
+               if ((err = der_length_boolean(&z)) != CRYPT_OK) {
+                   goto LBL_ERR;
+                }
+                break;
+          
            case LTC_ASN1_INTEGER:
                z = inlen;
                if ((err = der_decode_integer(in + x, z, data)) != CRYPT_OK) {
+                  if (!ordered) {  continue; }
                   goto LBL_ERR;
                }
                if ((err = der_length_integer(data, &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
                break;
 
-
            case LTC_ASN1_SHORT_INTEGER:
                z = inlen;
                if ((err = der_decode_short_integer(in + x, z, data)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
-               if ((err = der_length_short_integer(size, &z)) != CRYPT_OK) {
+               if ((err = der_length_short_integer(((unsigned long*)data)[0], &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
+               
                break;
 
            case LTC_ASN1_BIT_STRING:
                z = inlen;
                if ((err = der_decode_bit_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
                list[i].size = size;
                if ((err = der_length_bit_string(size, &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
                break;
 
            case LTC_ASN1_OCTET_STRING:
                z = inlen;
                if ((err = der_decode_octet_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
                list[i].size = size;
                if ((err = der_length_octet_string(size, &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
                break;
 
            case LTC_ASN1_NULL:
                if (inlen < 2 || in[x] != 0x05 || in[x+1] != 0x00) {
+                  if (!ordered) { continue; }
                   err = CRYPT_INVALID_PACKET;
                   goto LBL_ERR;
                }
-               x     += 2;
-               inlen -= 2;
+               z = 2;
                break;
                   
            case LTC_ASN1_OBJECT_IDENTIFIER:
                z = inlen;
                if ((err = der_decode_object_identifier(in + x, z, data, &size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
                list[i].size = size;
                if ((err = der_length_object_identifier(data, size, &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
                break;
 
            case LTC_ASN1_IA5_STRING:
                z = inlen;
                if ((err = der_decode_ia5_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
                list[i].size = size;
                if ((err = der_length_ia5_string(data, size, &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
                break;
 
 
            case LTC_ASN1_PRINTABLE_STRING:
                z = inlen;
                if ((err = der_decode_printable_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
                list[i].size = size;
                if ((err = der_length_printable_string(data, size, &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
+               break;
+
+           case LTC_ASN1_UTF8_STRING:
+               z = inlen;
+               if ((err = der_decode_utf8_string(in + x, z, data, &size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
+                  goto LBL_ERR;
+               }
+               list[i].size = size;
+               if ((err = der_length_utf8_string(data, size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
                break;
 
            case LTC_ASN1_UTCTIME:
                z = inlen;
                if ((err = der_decode_utctime(in + x, &z, data)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
                break;
 
+           case LTC_ASN1_SET:
+               z = inlen;
+               if ((err = der_decode_set(in + x, z, data, size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
+                  goto LBL_ERR;
+               }
+               if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               break;
+           
+           case LTC_ASN1_SETOF:
            case LTC_ASN1_SEQUENCE:
+               /* detect if we have the right type */
+               if ((type == LTC_ASN1_SETOF && (in[x] & 0x3F) != 0x31) || (type == LTC_ASN1_SEQUENCE && (in[x] & 0x3F) != 0x30)) {
+                  err = CRYPT_INVALID_PACKET;
+                  goto LBL_ERR;
+               }
+
                z = inlen;
                if ((err = der_decode_sequence(in + x, z, data, size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
                if ((err = der_length_sequence(data, size, &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
                break;
 
 
            case LTC_ASN1_CHOICE:
                z = inlen;
                if ((err = der_decode_choice(in + x, &z, data, size)) != CRYPT_OK) {
+                  if (!ordered) { continue; }
                   goto LBL_ERR;
                }
-               x     += z;
-               inlen -= z;
                break;
 
            default:
                err = CRYPT_INVALID_ARG;
                goto LBL_ERR;
        }
+       x           += z;
+       inlen       -= z;
+       list[i].used = 1;
+       if (!ordered) { 
+          /* restart the decoder */
+          i = -1;
+       }          
    }
+     
+   for (i = 0; i < outlen; i++) {
+      if (list[i].used == 0) {
+          err = CRYPT_INVALID_PACKET;
+          goto LBL_ERR;
+      }
+   }                
    err = CRYPT_OK;   
 
 LBL_ERR:
@@ -229,6 +282,6 @@ LBL_ERR:
  
 #endif
 
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/06/18 19:20:23 $ */
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_ex.c,v $ */
+/* $Revision: 1.15 $ */
+/* $Date: 2006/11/26 02:25:18 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
new file mode 100644
index 0000000..19d8c86
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c
@@ -0,0 +1,386 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_sequence_flexi.c
+  ASN.1 DER, decode an array of ASN.1 types with a flexi parser, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+static unsigned long fetch_length(const unsigned char *in, unsigned long inlen)
+{
+   unsigned long x, y, z;
+
+   y = 0;
+
+   /* skip type and read len */
+   if (inlen < 2) {
+      return 0xFFFFFFFF;
+   }
+   ++in; ++y;
+   
+   /* read len */
+   x = *in++; ++y;
+   
+   /* <128 means literal */
+   if (x < 128) {
+      return x+y;
+   }
+   x     &= 0x7F; /* the lower 7 bits are the length of the length */
+   inlen -= 2;
+   
+   /* len means len of len! */
+   if (x == 0 || x > 4 || x > inlen) {
+      return 0xFFFFFFFF;
+   }
+   
+   y += x;
+   z = 0;
+   while (x--) {   
+      z = (z<<8) | ((unsigned long)*in);
+      ++in;
+   }
+   return z+y;
+}
+
+/** 
+   ASN.1 DER Flexi(ble) decoder will decode arbitrary DER packets and create a linked list of the decoded elements.
+   @param in      The input buffer
+   @param inlen   [in/out] The length of the input buffer and on output the amount of decoded data 
+   @param out     [out] A pointer to the linked list
+   @return CRYPT_OK on success.
+*/   
+int der_decode_sequence_flexi(const unsigned char *in, unsigned long *inlen, ltc_asn1_list **out)
+{
+   ltc_asn1_list *l;
+   unsigned long err, type, len, totlen, x, y;
+   void          *realloc_tmp;
+   
+   LTC_ARGCHK(in    != NULL);
+   LTC_ARGCHK(inlen != NULL);
+   LTC_ARGCHK(out   != NULL);
+
+   l = NULL;
+   totlen = 0;
+   
+   /* scan the input and and get lengths and what not */
+   while (*inlen) {     
+      /* read the type byte */
+      type = *in;
+
+      /* fetch length */
+      len = fetch_length(in, *inlen);
+      if (len > *inlen) {
+         err = CRYPT_INVALID_PACKET;
+         goto error;
+      }
+
+      /* alloc new link */
+      if (l == NULL) {
+         l = XCALLOC(1, sizeof(*l));
+         if (l == NULL) {
+            err = CRYPT_MEM;
+            goto error;
+         }
+      } else {
+         l->next = XCALLOC(1, sizeof(*l));
+         if (l->next == NULL) {
+            err = CRYPT_MEM;
+            goto error;
+         }
+         l->next->prev = l;
+         l = l->next;
+      }
+
+      /* now switch on type */
+      switch (type) {
+         case 0x01: /* BOOLEAN */
+            l->type = LTC_ASN1_BOOLEAN;
+            l->size = 1;
+            l->data = XCALLOC(1, sizeof(int));
+       
+            if ((err = der_decode_boolean(in, *inlen, l->data)) != CRYPT_OK) {
+               goto error;
+            }
+        
+            if ((err = der_length_boolean(&len)) != CRYPT_OK) {
+               goto error;
+            }
+            break;
+
+         case 0x02: /* INTEGER */
+             /* init field */
+             l->type = LTC_ASN1_INTEGER;
+             l->size = 1;
+             if ((err = mp_init(&l->data)) != CRYPT_OK) {
+                 goto error;
+             }
+             
+             /* decode field */
+             if ((err = der_decode_integer(in, *inlen, l->data)) != CRYPT_OK) {
+                 goto error;
+             }
+             
+             /* calc length of object */
+             if ((err = der_length_integer(l->data, &len)) != CRYPT_OK) {
+                 goto error;
+             }
+             break;
+
+         case 0x03: /* BIT */
+            /* init field */
+            l->type = LTC_ASN1_BIT_STRING;
+            l->size = len * 8; /* *8 because we store decoded bits one per char and they are encoded 8 per char.  */
+
+            if ((l->data = XCALLOC(1, l->size)) == NULL) {
+               err = CRYPT_MEM;
+               goto error;
+            }
+            
+            if ((err = der_decode_bit_string(in, *inlen, l->data, &l->size)) != CRYPT_OK) {
+               goto error;
+            }
+            
+            if ((err = der_length_bit_string(l->size, &len)) != CRYPT_OK) {
+               goto error;
+            }
+            break;
+
+         case 0x04: /* OCTET */
+
+            /* init field */
+            l->type = LTC_ASN1_OCTET_STRING;
+            l->size = len;
+
+            if ((l->data = XCALLOC(1, l->size)) == NULL) {
+               err = CRYPT_MEM;
+               goto error;
+            }
+            
+            if ((err = der_decode_octet_string(in, *inlen, l->data, &l->size)) != CRYPT_OK) {
+               goto error;
+            }
+            
+            if ((err = der_length_octet_string(l->size, &len)) != CRYPT_OK) {
+               goto error;
+            }
+            break;
+
+         case 0x05: /* NULL */
+         
+            /* valid NULL is 0x05 0x00 */
+            if (in[0] != 0x05 || in[1] != 0x00) {
+               err = CRYPT_INVALID_PACKET;
+               goto error;
+            }
+            
+            /* simple to store ;-) */
+            l->type = LTC_ASN1_NULL;
+            l->data = NULL;
+            l->size = 0;
+            len     = 2;
+            
+            break;
+         
+         case 0x06: /* OID */
+         
+            /* init field */
+            l->type = LTC_ASN1_OBJECT_IDENTIFIER;
+            l->size = len;
+
+            if ((l->data = XCALLOC(len, sizeof(unsigned long))) == NULL) {
+               err = CRYPT_MEM;
+               goto error;
+            }
+            
+            if ((err = der_decode_object_identifier(in, *inlen, l->data, &l->size)) != CRYPT_OK) {
+               goto error;
+            }
+            
+            if ((err = der_length_object_identifier(l->data, l->size, &len)) != CRYPT_OK) {
+               goto error;
+            }
+            
+            /* resize it to save a bunch of mem */
+            if ((realloc_tmp = XREALLOC(l->data, l->size * sizeof(unsigned long))) == NULL) {
+               /* out of heap but this is not an error */
+               break;
+            }
+            l->data = realloc_tmp;
+            break;
+  
+         case 0x0C: /* UTF8 */
+         
+            /* init field */
+            l->type = LTC_ASN1_UTF8_STRING;
+            l->size = len;
+
+            if ((l->data = XCALLOC(sizeof(wchar_t), l->size)) == NULL) {
+               err = CRYPT_MEM;
+               goto error;
+            }
+            
+            if ((err = der_decode_utf8_string(in, *inlen, l->data, &l->size)) != CRYPT_OK) {
+               goto error;
+            }
+            
+            if ((err = der_length_utf8_string(l->data, l->size, &len)) != CRYPT_OK) {
+               goto error;
+            }
+            break;
+
+         case 0x13: /* PRINTABLE */
+         
+            /* init field */
+            l->type = LTC_ASN1_PRINTABLE_STRING;
+            l->size = len;
+
+            if ((l->data = XCALLOC(1, l->size)) == NULL) {
+               err = CRYPT_MEM;
+               goto error;
+            }
+            
+            if ((err = der_decode_printable_string(in, *inlen, l->data, &l->size)) != CRYPT_OK) {
+               goto error;
+            }
+            
+            if ((err = der_length_printable_string(l->data, l->size, &len)) != CRYPT_OK) {
+               goto error;
+            }
+            break;
+         
+         case 0x16: /* IA5 */
+         
+            /* init field */
+            l->type = LTC_ASN1_IA5_STRING;
+            l->size = len;
+
+            if ((l->data = XCALLOC(1, l->size)) == NULL) {
+               err = CRYPT_MEM;
+               goto error;
+            }
+            
+            if ((err = der_decode_ia5_string(in, *inlen, l->data, &l->size)) != CRYPT_OK) {
+               goto error;
+            }
+            
+            if ((err = der_length_ia5_string(l->data, l->size, &len)) != CRYPT_OK) {
+               goto error;
+            }
+            break;
+         
+         case 0x17: /* UTC TIME */
+         
+            /* init field */
+            l->type = LTC_ASN1_UTCTIME;
+            l->size = 1;
+
+            if ((l->data = XCALLOC(1, sizeof(ltc_utctime))) == NULL) {
+               err = CRYPT_MEM;
+               goto error;
+            }
+            
+            len = *inlen;
+            if ((err = der_decode_utctime(in, &len, l->data)) != CRYPT_OK) {
+               goto error;
+            }
+            
+            if ((err = der_length_utctime(l->data, &len)) != CRYPT_OK) {
+               goto error;
+            }
+            break;
+         
+         case 0x30: /* SEQUENCE */
+         case 0x31: /* SET */
+         
+             /* init field */
+             l->type = (type == 0x30) ? LTC_ASN1_SEQUENCE : LTC_ASN1_SET;
+             
+             /* we have to decode the SEQUENCE header and get it's length */
+             
+                /* move past type */
+                ++in; --(*inlen);
+                
+                /* read length byte */
+                x = *in++; --(*inlen);
+                
+                /* smallest SEQUENCE/SET header */
+                y = 2;
+                
+                /* now if it's > 127 the next bytes are the length of the length */
+                if (x > 128) {
+                   x      &= 0x7F;
+                   in     += x;
+                   *inlen -= x;
+                   
+                   /* update sequence header len */
+                   y      += x;
+                }
+             
+             /* Sequence elements go as child */
+             len = len - y;
+             if ((err = der_decode_sequence_flexi(in, &len, &(l->child))) != CRYPT_OK) {
+                goto error;
+             }
+             
+             /* len update */
+             totlen += y;
+             
+             /* link them up y0 */
+             l->child->parent = l;
+             
+             break;
+         default:
+           /* invalid byte ... this is a soft error */
+           /* remove link */
+           l       = l->prev;
+           XFREE(l->next);
+           l->next = NULL;
+           goto outside;
+      }
+      
+      /* advance pointers */
+      totlen  += len;
+      in      += len;
+      *inlen  -= len;
+   }
+   
+outside:   
+
+   /* rewind l please */
+   while (l->prev != NULL || l->parent != NULL) {
+      if (l->parent != NULL) {
+         l = l->parent;
+      } else {
+         l = l->prev;
+      }
+   }
+   
+   /* return */
+   *out   = l;
+   *inlen = totlen;
+   return CRYPT_OK;
+
+error:
+   /* free list */
+   der_sequence_free(l);
+
+   return err;
+}
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c,v $ */
+/* $Revision: 1.25 $ */
+/* $Date: 2006/11/26 02:25:18 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_multi.c b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_multi.c
index a4a1038..a15c182 100644
--- a/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_multi.c
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_multi.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <stdarg.h>
@@ -19,6 +19,13 @@
 
 #ifdef LTC_DER
 
+/**
+  Decode a SEQUENCE type using a VA list
+  @param in    Input buffer
+  @param inlen Length of input in octets
+  @remark <...> is of the form <type, size, data> (int, unsigned long, void*)
+  @return CRYPT_OK on success
+*/  
 int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
 {
    int           err, type;
@@ -42,6 +49,7 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
        }
 
        switch (type) {
+           case LTC_ASN1_BOOLEAN:
            case LTC_ASN1_INTEGER:
            case LTC_ASN1_SHORT_INTEGER:
            case LTC_ASN1_BIT_STRING:
@@ -50,7 +58,10 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
            case LTC_ASN1_OBJECT_IDENTIFIER:
            case LTC_ASN1_IA5_STRING:
            case LTC_ASN1_PRINTABLE_STRING:
+           case LTC_ASN1_UTF8_STRING:
            case LTC_ASN1_UTCTIME:
+           case LTC_ASN1_SET:
+           case LTC_ASN1_SETOF:
            case LTC_ASN1_SEQUENCE:
            case LTC_ASN1_CHOICE:
                 ++x; 
@@ -86,6 +97,7 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
        }
 
        switch (type) {
+           case LTC_ASN1_BOOLEAN:
            case LTC_ASN1_INTEGER:
            case LTC_ASN1_SHORT_INTEGER:
            case LTC_ASN1_BIT_STRING:
@@ -94,8 +106,11 @@ int der_decode_sequence_multi(const unsigned char *in, unsigned long inlen, ...)
            case LTC_ASN1_OBJECT_IDENTIFIER:
            case LTC_ASN1_IA5_STRING:
            case LTC_ASN1_PRINTABLE_STRING:
+           case LTC_ASN1_UTF8_STRING:
            case LTC_ASN1_UTCTIME:
            case LTC_ASN1_SEQUENCE:
+           case LTC_ASN1_SET:
+           case LTC_ASN1_SETOF:          
            case LTC_ASN1_CHOICE:
                 list[x].type   = type;
                 list[x].size   = size;
@@ -120,5 +135,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_multi.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/06/18 19:20:23 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/11/26 02:25:18 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence.c b/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_ex.c
index d53153c..cdb4f1e 100644
--- a/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence.c
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_ex.c
@@ -6,14 +6,14 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <stdarg.h>
 
 
 /**
-  @file der_encode_sequence.c
+  @file der_encode_sequence_ex.c
   ASN.1 DER, encode a SEQUENCE, Tom St Denis
 */
 
@@ -25,10 +25,11 @@
    @param inlen     The number of items in the list
    @param out       [out] The destination 
    @param outlen    [in/out] The size of the output
+   @param type_of   LTC_ASN1_SEQUENCE or LTC_ASN1_SET/LTC_ASN1_SETOF
    @return CRYPT_OK on success
 */
-int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
-                        unsigned char *out,  unsigned long *outlen) 
+int der_encode_sequence_ex(ltc_asn1_list *list, unsigned long inlen,
+                           unsigned char *out,  unsigned long *outlen, int type_of) 
 {
    int           err, type;
    unsigned long size, x, y, z, i;
@@ -50,6 +51,13 @@ int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
        }
 
        switch (type) {
+            case LTC_ASN1_BOOLEAN:
+               if ((err = der_length_boolean(&x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
            case LTC_ASN1_INTEGER:
                if ((err = der_length_integer(data, &x)) != CRYPT_OK) {
                   goto LBL_ERR;
@@ -103,6 +111,13 @@ int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
                y += x;
                break;
 
+           case LTC_ASN1_UTF8_STRING:
+               if ((err = der_length_utf8_string(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
            case LTC_ASN1_UTCTIME:
                if ((err = der_length_utctime(data, &x)) != CRYPT_OK) {
                   goto LBL_ERR;
@@ -110,13 +125,14 @@ int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
                y += x;
                break;
 
+           case LTC_ASN1_SET:
+           case LTC_ASN1_SETOF:
            case LTC_ASN1_SEQUENCE:
                if ((err = der_length_sequence(data, size, &x)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
                y += x;
                break;
-
           
            default:
                err = CRYPT_INVALID_ARG;
@@ -144,27 +160,29 @@ int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
 
    /* too big ? */
    if (*outlen < y) {
+      *outlen = y;
       err = CRYPT_BUFFER_OVERFLOW;
       goto LBL_ERR;
    }
 
    /* store header */
    x = 0;
-   out[x++] = 0x30;
+   out[x++] = (type_of == LTC_ASN1_SEQUENCE) ? 0x30 : 0x31;
+      
    if (z < 128) {
-      out[x++] = z;
+      out[x++] = (unsigned char)z;
    } else if (z < 256) {
       out[x++] = 0x81;
-      out[x++] = z;
+      out[x++] = (unsigned char)z;
    } else if (z < 65536UL) {
       out[x++] = 0x82;
-      out[x++] = (z>>8UL)&255;
-      out[x++] = z&255;
+      out[x++] = (unsigned char)((z>>8UL)&255);
+      out[x++] = (unsigned char)(z&255);
    } else if (z < 16777216UL) {
       out[x++] = 0x83;
-      out[x++] = (z>>16UL)&255;
-      out[x++] = (z>>8UL)&255;
-      out[x++] = z&255;
+      out[x++] = (unsigned char)((z>>16UL)&255);
+      out[x++] = (unsigned char)((z>>8UL)&255);
+      out[x++] = (unsigned char)(z&255);
    }
 
    /* store data */
@@ -179,6 +197,15 @@ int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
        }
 
        switch (type) {
+            case LTC_ASN1_BOOLEAN:
+               z = *outlen;
+               if ((err = der_encode_boolean(*((int *)data), out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+          
            case LTC_ASN1_INTEGER:
                z = *outlen;
                if ((err = der_encode_integer(data, out + x, &z)) != CRYPT_OK) {
@@ -248,6 +275,15 @@ int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
                *outlen -= z;
                break;
 
+           case LTC_ASN1_UTF8_STRING:
+               z = *outlen;
+               if ((err = der_encode_utf8_string(data, size, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
            case LTC_ASN1_UTCTIME:
                z = *outlen;
                if ((err = der_encode_utctime(data, out + x, &z)) != CRYPT_OK) {
@@ -257,15 +293,33 @@ int der_encode_sequence(ltc_asn1_list *list, unsigned long inlen,
                *outlen -= z;
                break;
 
-           case LTC_ASN1_SEQUENCE:
+           case LTC_ASN1_SET:
+               z = *outlen;
+               if ((err = der_encode_set(data, size, out + x, &z)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+
+           case LTC_ASN1_SETOF:
                z = *outlen;
-               if ((err = der_encode_sequence(data, size, out + x, &z)) != CRYPT_OK) {
+               if ((err = der_encode_setof(data, size, out + x, &z)) != CRYPT_OK) {
                   goto LBL_ERR;
                }
                x       += z;
                *outlen -= z;
                break;
 
+           case LTC_ASN1_SEQUENCE:
+               z = *outlen;
+               if ((err = der_encode_sequence_ex(data, size, out + x, &z, type)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               x       += z;
+               *outlen -= z;
+               break;
+           
            default:
                err = CRYPT_INVALID_ARG;
                goto LBL_ERR;
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_multi.c b/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_multi.c
index 9ff48b9..da34c64 100644
--- a/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_multi.c
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_multi.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 #include <stdarg.h>
@@ -19,6 +19,13 @@
 
 #ifdef LTC_DER
 
+/**
+  Encode a SEQUENCE type using a VA list
+  @param out    [out] Destination for data
+  @param outlen [in/out] Length of buffer and resulting length of output
+  @remark <...> is of the form <type, size, data> (int, unsigned long, void*)
+  @return CRYPT_OK on success
+*/  
 int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
 {
    int           err, type;
@@ -43,6 +50,7 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
        }
 
        switch (type) {
+           case LTC_ASN1_BOOLEAN:
            case LTC_ASN1_INTEGER:
            case LTC_ASN1_SHORT_INTEGER:
            case LTC_ASN1_BIT_STRING:
@@ -51,8 +59,11 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
            case LTC_ASN1_OBJECT_IDENTIFIER:
            case LTC_ASN1_IA5_STRING:
            case LTC_ASN1_PRINTABLE_STRING:
+           case LTC_ASN1_UTF8_STRING:
            case LTC_ASN1_UTCTIME:
            case LTC_ASN1_SEQUENCE:
+           case LTC_ASN1_SET:
+           case LTC_ASN1_SETOF:
                 ++x; 
                 break;
           
@@ -86,6 +97,7 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
        }
 
        switch (type) {
+           case LTC_ASN1_BOOLEAN:
            case LTC_ASN1_INTEGER:
            case LTC_ASN1_SHORT_INTEGER:
            case LTC_ASN1_BIT_STRING:
@@ -94,8 +106,11 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
            case LTC_ASN1_OBJECT_IDENTIFIER:
            case LTC_ASN1_IA5_STRING:
            case LTC_ASN1_PRINTABLE_STRING:
+           case LTC_ASN1_UTF8_STRING:
            case LTC_ASN1_UTCTIME:
            case LTC_ASN1_SEQUENCE:
+           case LTC_ASN1_SET:
+           case LTC_ASN1_SETOF:
                 list[x].type   = type;
                 list[x].size   = size;
                 list[x++].data = data;
@@ -119,5 +134,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_multi.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/06/18 19:20:23 $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/11/26 02:25:18 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_length_sequence.c b/libtomcrypt/src/pk/asn1/der/sequence/der_length_sequence.c
index 9120451..36f4a2a 100644
--- a/libtomcrypt/src/pk/asn1/der/sequence/der_length_sequence.c
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_length_sequence.c
@@ -6,11 +6,9 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
-#include <stdarg.h>
-
 
 /**
   @file der_length_sequence.c
@@ -48,6 +46,13 @@ int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
        }
 
        switch (type) {
+           case LTC_ASN1_BOOLEAN:
+              if ((err = der_length_boolean(&x)) != CRYPT_OK) {
+                 goto LBL_ERR;
+              }
+              y += x;
+              break;
+          
            case LTC_ASN1_INTEGER:
                if ((err = der_length_integer(data, &x)) != CRYPT_OK) {
                   goto LBL_ERR;
@@ -101,6 +106,22 @@ int der_length_sequence(ltc_asn1_list *list, unsigned long inlen,
                y += x;
                break;
 
+           case LTC_ASN1_UTCTIME:
+               if ((err = der_length_utctime(data, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_UTF8_STRING:
+               if ((err = der_length_utf8_string(data, size, &x)) != CRYPT_OK) {
+                  goto LBL_ERR;
+               }
+               y += x;
+               break;
+
+           case LTC_ASN1_SET:
+           case LTC_ASN1_SETOF:
            case LTC_ASN1_SEQUENCE:
                if ((err = der_length_sequence(data, size, &x)) != CRYPT_OK) {
                   goto LBL_ERR;
@@ -142,3 +163,7 @@ LBL_ERR:
 }
 
 #endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_length_sequence.c,v $ */
+/* $Revision: 1.13 $ */
+/* $Date: 2006/11/26 02:25:18 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/sequence/der_sequence_free.c b/libtomcrypt/src/pk/asn1/der/sequence/der_sequence_free.c
new file mode 100644
index 0000000..dc826e3
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/sequence/der_sequence_free.c
@@ -0,0 +1,65 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_sequence_free.c
+  ASN.1 DER, free's a structure allocated by der_decode_sequence_flexi(), Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/**
+  Free memory allocated by der_decode_sequence_flexi()
+  @param in     The list to free
+*/  
+void der_sequence_free(ltc_asn1_list *in)
+{
+   ltc_asn1_list *l;
+   
+   /* walk to the start of the chain */
+   while (in->prev != NULL || in->parent != NULL) {
+      if (in->parent != NULL) {
+          in = in->parent;
+      } else {
+          in = in->prev;
+      }
+   }
+   
+   /* now walk the list and free stuff */
+   while (in != NULL) {
+      /* is there a child? */
+      if (in->child) {
+         /* disconnect */
+         in->child->parent = NULL;
+         der_sequence_free(in->child);
+      }
+      
+      switch (in->type) { 
+         case LTC_ASN1_SET:
+         case LTC_ASN1_SETOF:
+         case LTC_ASN1_SEQUENCE: break;
+         case LTC_ASN1_INTEGER : if (in->data != NULL) { mp_clear(in->data); } break;
+         default               : if (in->data != NULL) { XFREE(in->data);    }
+      }
+      
+      /* move to next and free current */
+      l = in->next;
+      free(in);
+      in = l;
+   }     
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/sequence/der_sequence_free.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/set/der_encode_set.c b/libtomcrypt/src/pk/asn1/der/set/der_encode_set.c
new file mode 100644
index 0000000..a08d2b0
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/set/der_encode_set.c
@@ -0,0 +1,103 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+  * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_set.c
+  ASN.1 DER, Encode a SET, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/* LTC define to ASN.1 TAG */
+static int ltc_to_asn1(int v)
+{
+   switch (v) {
+      case LTC_ASN1_BOOLEAN:                 return 0x01;
+      case LTC_ASN1_INTEGER:
+      case LTC_ASN1_SHORT_INTEGER:           return 0x02;
+      case LTC_ASN1_BIT_STRING:              return 0x03;
+      case LTC_ASN1_OCTET_STRING:            return 0x04;
+      case LTC_ASN1_NULL:                    return 0x05;
+      case LTC_ASN1_OBJECT_IDENTIFIER:       return 0x06;
+      case LTC_ASN1_UTF8_STRING:             return 0x0C;
+      case LTC_ASN1_PRINTABLE_STRING:        return 0x13;
+      case LTC_ASN1_IA5_STRING:              return 0x16;
+      case LTC_ASN1_UTCTIME:                 return 0x17;
+      case LTC_ASN1_SEQUENCE:                return 0x30;
+      case LTC_ASN1_SET:
+      case LTC_ASN1_SETOF:                   return 0x31;
+      default: return -1;
+   }
+}         
+      
+
+static int qsort_helper(const void *a, const void *b)
+{
+   ltc_asn1_list *A = (ltc_asn1_list *)a, *B = (ltc_asn1_list *)b;
+   int            r;
+   
+   r = ltc_to_asn1(A->type) - ltc_to_asn1(B->type);
+   
+   /* for QSORT the order is UNDEFINED if they are "equal" which means it is NOT DETERMINISTIC.  So we force it to be :-) */
+   if (r == 0) {
+      /* their order in the original list now determines the position */
+      return A->used - B->used;
+   } else {
+      return r;
+   }
+}   
+
+/*
+   Encode a SET type
+   @param list      The list of items to encode
+   @param inlen     The number of items in the list
+   @param out       [out] The destination 
+   @param outlen    [in/out] The size of the output
+   @return CRYPT_OK on success
+*/
+int der_encode_set(ltc_asn1_list *list, unsigned long inlen,
+                   unsigned char *out,  unsigned long *outlen)
+{
+   ltc_asn1_list  *copy;
+   unsigned long   x;
+   int             err;
+   
+   /* make copy of list */
+   copy = XCALLOC(inlen, sizeof(*copy));
+   if (copy == NULL) {
+      return CRYPT_MEM;
+   }      
+   
+   /* fill in used member with index so we can fully sort it */
+   for (x = 0; x < inlen; x++) {
+       copy[x]      = list[x];
+       copy[x].used = x;
+   }       
+   
+   /* sort it by the "type" field */
+   XQSORT(copy, inlen, sizeof(*copy), &qsort_helper);   
+   
+   /* call der_encode_sequence_ex() */
+   err = der_encode_sequence_ex(copy, inlen, out, outlen, LTC_ASN1_SET);   
+   
+   /* free list */
+   XFREE(copy);
+   
+   return err;
+}                   
+
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/set/der_encode_set.c,v $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/11/26 02:27:37 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/set/der_encode_setof.c b/libtomcrypt/src/pk/asn1/der/set/der_encode_setof.c
new file mode 100644
index 0000000..6c12eb4
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/set/der_encode_setof.c
@@ -0,0 +1,162 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_setof.c
+  ASN.1 DER, Encode SET OF, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+struct edge {
+   unsigned char *start;
+   unsigned long  size;
+};
+
+static int qsort_helper(const void *a, const void *b)
+{
+   struct edge   *A = (struct edge *)a, *B = (struct edge *)b;
+   int            r;
+   unsigned long  x;
+   
+   /* compare min length */
+   r = XMEMCMP(A->start, B->start, MIN(A->size, B->size));
+   
+   if (r == 0 && A->size != B->size) {
+      if (A->size > B->size) {
+         for (x = B->size; x < A->size; x++) {
+            if (A->start[x]) {
+               return 1;
+            }
+         }
+      } else {
+         for (x = A->size; x < B->size; x++) {
+            if (B->start[x]) {
+               return -1;
+            }
+         }
+      }         
+   }
+   
+   return r;      
+}
+
+/**
+   Encode a SETOF stucture
+   @param list      The list of items to encode
+   @param inlen     The number of items in the list
+   @param out       [out] The destination 
+   @param outlen    [in/out] The size of the output
+   @return CRYPT_OK on success
+*/   
+int der_encode_setof(ltc_asn1_list *list, unsigned long inlen,
+                     unsigned char *out,  unsigned long *outlen)
+{
+   unsigned long  x, y, z, hdrlen;
+   int            err;
+   struct edge   *edges;
+   unsigned char *ptr, *buf;
+   
+   /* check that they're all the same type */
+   for (x = 1; x < inlen; x++) {
+      if (list[x].type != list[x-1].type) {
+         return CRYPT_INVALID_ARG;
+      }
+   }
+
+   /* alloc buffer to store copy of output */
+   buf = XCALLOC(1, *outlen);
+   if (buf == NULL) {
+      return CRYPT_MEM;
+   }      
+                  
+   /* encode list */
+   if ((err = der_encode_sequence_ex(list, inlen, buf, outlen, LTC_ASN1_SETOF)) != CRYPT_OK) {
+       XFREE(buf);
+       return err;
+   }
+   
+   /* allocate edges */
+   edges = XCALLOC(inlen, sizeof(*edges));
+   if (edges == NULL) {
+      XFREE(buf);
+      return CRYPT_MEM;
+   }      
+   
+   /* skip header */
+      ptr = buf + 1;
+
+      /* now skip length data */
+      x = *ptr++;
+      if (x >= 0x80) {
+         ptr += (x & 0x7F);
+      }
+      
+      /* get the size of the static header */
+      hdrlen = ((unsigned long)ptr) - ((unsigned long)buf);
+      
+      
+   /* scan for edges */
+   x = 0;
+   while (ptr < (buf + *outlen)) {
+      /* store start */
+      edges[x].start = ptr;
+      
+      /* skip type */
+      z = 1;
+      
+      /* parse length */
+      y = ptr[z++];
+      if (y < 128) {
+         edges[x].size = y;
+      } else {
+         y &= 0x7F;
+         edges[x].size = 0;
+         while (y--) {
+            edges[x].size = (edges[x].size << 8) | ((unsigned long)ptr[z++]);
+         }
+      }
+      
+      /* skip content */
+      edges[x].size += z;
+      ptr           += edges[x].size;
+      ++x;
+   }      
+      
+   /* sort based on contents (using edges) */
+   XQSORT(edges, inlen, sizeof(*edges), &qsort_helper);
+   
+   /* copy static header */
+   XMEMCPY(out, buf, hdrlen);
+   
+   /* copy+sort using edges+indecies to output from buffer */
+   for (y = hdrlen, x = 0; x < inlen; x++) {
+      XMEMCPY(out+y, edges[x].start, edges[x].size);
+      y += edges[x].size;
+   }      
+   
+#ifdef LTC_CLEAN_STACK
+   zeromem(buf, *outlen);
+#endif      
+   
+   /* free buffers */
+   XFREE(edges);
+   XFREE(buf);
+   
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/set/der_encode_setof.c,v $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/short_integer/der_decode_short_integer.c b/libtomcrypt/src/pk/asn1/der/short_integer/der_decode_short_integer.c
index 7d3d3b7..1407e9a 100644
--- a/libtomcrypt/src/pk/asn1/der/short_integer/der_decode_short_integer.c
+++ b/libtomcrypt/src/pk/asn1/der/short_integer/der_decode_short_integer.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -19,7 +19,7 @@
 #ifdef LTC_DER
 
 /**
-  Read a mp_int integer
+  Read a short integer
   @param in       The DER encoded data
   @param inlen    Size of data
   @param num      [out] The integer to decode
@@ -64,5 +64,5 @@ int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsig
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/short_integer/der_decode_short_integer.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/23 01:04:13 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/short_integer/der_encode_short_integer.c b/libtomcrypt/src/pk/asn1/der/short_integer/der_encode_short_integer.c
index eb94d38..95da2fa 100644
--- a/libtomcrypt/src/pk/asn1/der/short_integer/der_encode_short_integer.c
+++ b/libtomcrypt/src/pk/asn1/der/short_integer/der_encode_short_integer.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -18,9 +18,8 @@
 
 #ifdef LTC_DER
 
-/* Exports a positive integer as DER format (upto 32-bits in size) */
 /**
-  Store a mp_int integer
+  Store a short integer in the range (0,2^32-1)
   @param num      The integer to encode
   @param out      [out] The destination for the DER encoded integers
   @param outlen   [in/out] The max size and resulting size of the DER encoded integers
@@ -43,6 +42,7 @@ int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned lon
    }
 
    if (*outlen < len) {
+      *outlen = len;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -70,7 +70,7 @@ int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned lon
    /* store header */
    x = 0;
    out[x++] = 0x02;
-   out[x++] = z;
+   out[x++] = (unsigned char)z;
 
    /* if 31st bit is set output a leading zero and decrement count */
    if (z == 5) {
@@ -80,7 +80,7 @@ int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned lon
 
    /* store values */
    for (y = 0; y < z; y++) {
-      out[x++] = (num >> 24) & 0xFF;
+      out[x++] = (unsigned char)((num >> 24) & 0xFF);
       num    <<= 8;
    }
 
@@ -93,5 +93,5 @@ int der_encode_short_integer(unsigned long num, unsigned char *out, unsigned lon
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/short_integer/der_encode_short_integer.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/23 01:27:03 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/short_integer/der_length_short_integer.c b/libtomcrypt/src/pk/asn1/der/short_integer/der_length_short_integer.c
index 7324b4a..073e294 100644
--- a/libtomcrypt/src/pk/asn1/der/short_integer/der_length_short_integer.c
+++ b/libtomcrypt/src/pk/asn1/der/short_integer/der_length_short_integer.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -39,7 +39,7 @@ int der_length_short_integer(unsigned long num, unsigned long *outlen)
      ++z;
      y >>= 8;
    }
-
+   
    /* handle zero */
    if (z == 0) {
       z = 1;
@@ -59,11 +59,12 @@ int der_length_short_integer(unsigned long num, unsigned long *outlen)
 
    /* return length */
    *outlen = len; 
+   
    return CRYPT_OK;
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/short_integer/der_length_short_integer.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/23 01:35:38 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/utctime/der_decode_utctime.c b/libtomcrypt/src/pk/asn1/der/utctime/der_decode_utctime.c
index 43ba033..8a1f5fb 100644
--- a/libtomcrypt/src/pk/asn1/der/utctime/der_decode_utctime.c
+++ b/libtomcrypt/src/pk/asn1/der/utctime/der_decode_utctime.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -39,6 +39,13 @@ static int char_to_int(unsigned char x)
    if (y >= max) return CRYPT_INVALID_PACKET;           \
    x += 2;
 
+/**
+  Decodes a UTC time structure in DER format (reads all 6 valid encoding formats)
+  @param in     Input buffer
+  @param inlen  Length of input buffer in octets
+  @param out    [out] Destination of UTC time structure
+  @return CRYPT_OK   if successful
+*/
 int der_decode_utctime(const unsigned char *in, unsigned long *inlen,
                              ltc_utctime   *out)
 {
@@ -116,5 +123,5 @@ YYMMDDhhmmss-hh'mm'
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utctime/der_decode_utctime.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/06/19 12:07:00 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/utctime/der_encode_utctime.c b/libtomcrypt/src/pk/asn1/der/utctime/der_encode_utctime.c
index dad8c84..ae2ccbe 100644
--- a/libtomcrypt/src/pk/asn1/der/utctime/der_encode_utctime.c
+++ b/libtomcrypt/src/pk/asn1/der/utctime/der_encode_utctime.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -24,8 +24,10 @@ static const char *baseten = "0123456789";
     out[x++] = der_ia5_char_encode(baseten[y % 10]);
 
 /**
-  Gets length of DER encoding of UTCTIME
-  @param outlen [out] The length of the DER encoding
+  Encodes a UTC time structure in DER format
+  @param utctime      The UTC time structure to encode
+  @param out          The destination of the DER encoding of the UTC time structure
+  @param outlen       [in/out] The length of the DER encoding
   @return CRYPT_OK if successful
 */
 int der_encode_utctime(ltc_utctime *utctime, 
@@ -42,6 +44,7 @@ int der_encode_utctime(ltc_utctime *utctime,
        return err;
     }
     if (tmplen > *outlen) {
+        *outlen = tmplen;
         return CRYPT_BUFFER_OVERFLOW;
     }
     
@@ -66,7 +69,7 @@ int der_encode_utctime(ltc_utctime *utctime,
     }
 
     /* store length */
-    out[1] = x - 2;
+    out[1] = (unsigned char)(x - 2);
    
     /* all good let's return */
     *outlen = x;
@@ -76,5 +79,5 @@ int der_encode_utctime(ltc_utctime *utctime,
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utctime/der_encode_utctime.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/06/19 12:07:00 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/utctime/der_length_utctime.c b/libtomcrypt/src/pk/asn1/der/utctime/der_length_utctime.c
index 84e654a..60f09de 100644
--- a/libtomcrypt/src/pk/asn1/der/utctime/der_length_utctime.c
+++ b/libtomcrypt/src/pk/asn1/der/utctime/der_length_utctime.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -19,6 +19,7 @@
 
 /**
   Gets length of DER encoding of UTCTIME
+  @param utctime      The UTC time structure to get the size of
   @param outlen [out] The length of the DER encoding
   @return CRYPT_OK if successful
 */
@@ -41,5 +42,5 @@ int der_length_utctime(ltc_utctime *utctime, unsigned long *outlen)
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utctime/der_length_utctime.c,v $ */
-/* $Revision: 1.2 $ */
-/* $Date: 2005/06/19 11:23:04 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/utf8/der_decode_utf8_string.c b/libtomcrypt/src/pk/asn1/der/utf8/der_decode_utf8_string.c
new file mode 100644
index 0000000..28b5520
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/utf8/der_decode_utf8_string.c
@@ -0,0 +1,111 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_decode_utf8_string.c
+  ASN.1 DER, encode a UTF8 STRING, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store a UTF8 STRING
+  @param in      The DER encoded UTF8 STRING
+  @param inlen   The size of the DER UTF8 STRING
+  @param out     [out] The array of utf8s stored (one per char)
+  @param outlen  [in/out] The number of utf8s stored
+  @return CRYPT_OK if successful
+*/
+int der_decode_utf8_string(const unsigned char *in,  unsigned long inlen,
+                                       wchar_t *out, unsigned long *outlen)
+{
+   wchar_t       tmp;
+   unsigned long x, y, z, len;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* must have header at least */
+   if (inlen < 2) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* check for 0x0C */
+   if ((in[0] & 0x1F) != 0x0C) {
+      return CRYPT_INVALID_PACKET;
+   }
+   x = 1;
+
+   /* decode the length */
+   if (in[x] & 0x80) {
+      /* valid # of bytes in length are 1,2,3 */
+      y = in[x] & 0x7F;
+      if ((y == 0) || (y > 3) || ((x + y) > inlen)) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* read the length in */
+      len = 0;
+      ++x;
+      while (y--) {
+         len = (len << 8) | in[x++];
+      }
+   } else {
+      len = in[x++] & 0x7F;
+   }
+
+   if (len + x > inlen) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* proceed to decode */
+   for (y = 0; x < inlen; ) {
+      /* get first byte */
+      tmp = in[x++];
+ 
+      /* count number of bytes */
+      for (z = 0; (tmp & 0x80) && (z <= 4); z++, tmp = (tmp << 1) & 0xFF);
+      
+      if (z > 4 || (x + (z - 1) > inlen)) {
+         return CRYPT_INVALID_PACKET;
+      }
+
+      /* decode, grab upper bits */
+      tmp >>= z;
+
+      /* grab remaining bytes */
+      if (z > 1) { --z; }
+      while (z-- != 0) {
+         if ((in[x] & 0xC0) != 0x80) {
+            return CRYPT_INVALID_PACKET;
+         }
+         tmp = (tmp << 6) | ((wchar_t)in[x++] & 0x3F);
+      }
+
+      if (y > *outlen) {
+         *outlen = y;
+         return CRYPT_BUFFER_OVERFLOW;
+      }
+      out[y++] = tmp;
+   }
+   *outlen = y;
+
+   return CRYPT_OK;
+}
+ 
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utf8/der_decode_utf8_string.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/11/26 02:27:37 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/utf8/der_encode_utf8_string.c b/libtomcrypt/src/pk/asn1/der/utf8/der_encode_utf8_string.c
new file mode 100644
index 0000000..2dd6081
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/utf8/der_encode_utf8_string.c
@@ -0,0 +1,105 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_encode_utf8_string.c
+  ASN.1 DER, encode a UTF8 STRING, Tom St Denis
+*/
+
+
+#ifdef LTC_DER
+
+/**
+  Store an UTF8 STRING
+  @param in       The array of UTF8 to store (one per wchar_t)
+  @param inlen    The number of UTF8 to store
+  @param out      [out] The destination for the DER encoded UTF8 STRING
+  @param outlen   [in/out] The max size and resulting size of the DER UTF8 STRING
+  @return CRYPT_OK if successful
+*/
+int der_encode_utf8_string(const wchar_t *in,  unsigned long inlen,
+                           unsigned char *out, unsigned long *outlen)
+{
+   unsigned long x, y, len;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   /* get the size */
+   for (x = len = 0; x < inlen; x++) {
+       if (in[x] < 0 || in[x] > 0x1FFFF) { 
+          return CRYPT_INVALID_ARG;
+       }
+       len += der_utf8_charsize(in[x]);
+   }
+
+   if (len < 128) {
+      y = 2 + len;
+   } else if (len < 256) {
+      y = 3 + len;
+   } else if (len < 65536UL) {
+      y = 4 + len;
+   } else if (len < 16777216UL) {
+      y = 5 + len;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* too big? */
+   if (y > *outlen) {
+      *outlen = len;
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* encode the header+len */
+   x = 0;
+   out[x++] = 0x0C;
+   if (len < 128) {
+      out[x++] = len;
+   } else if (len < 256) {
+      out[x++] = 0x81;
+      out[x++] = len;
+   } else if (len < 65536UL) {
+      out[x++] = 0x82;
+      out[x++] = (len>>8)&255;
+      out[x++] = len&255;
+   } else if (len < 16777216UL) {
+      out[x++] = 0x83;
+      out[x++] = (len>>16)&255;
+      out[x++] = (len>>8)&255;
+      out[x++] = len&255;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* store UTF8 */
+   for (y = 0; y < inlen; y++) {
+       switch (der_utf8_charsize(in[y])) {
+          case 1: out[x++] = in[y]; break;
+          case 2: out[x++] = 0xC0 | ((in[y] >> 6) & 0x1F);  out[x++] = 0x80 | (in[y] & 0x3F); break;
+          case 3: out[x++] = 0xE0 | ((in[y] >> 12) & 0x0F); out[x++] = 0x80 | ((in[y] >> 6) & 0x3F); out[x++] = 0x80 | (in[y] & 0x3F); break;
+          case 4: out[x++] = 0xF0 | ((in[y] >> 18) & 0x07); out[x++] = 0x80 | ((in[y] >> 12) & 0x3F); out[x++] = 0x80 | ((in[y] >> 6) & 0x3F); out[x++] = 0x80 | (in[y] & 0x3F); break;
+       }
+   }
+
+   /* retun length */
+   *outlen = x;
+
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utf8/der_encode_utf8_string.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/12/16 17:41:21 $ */
diff --git a/libtomcrypt/src/pk/asn1/der/utf8/der_length_utf8_string.c b/libtomcrypt/src/pk/asn1/der/utf8/der_length_utf8_string.c
new file mode 100644
index 0000000..b5b2bc6
--- /dev/null
+++ b/libtomcrypt/src/pk/asn1/der/utf8/der_length_utf8_string.c
@@ -0,0 +1,83 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file der_length_utf8_string.c
+  ASN.1 DER, get length of UTF8 STRING, Tom St Denis
+*/
+
+#ifdef LTC_DER
+
+/** Return the size in bytes of a UTF-8 character
+  @param c   The UTF-8 character to measure
+  @return    The size in bytes
+*/
+unsigned long der_utf8_charsize(const wchar_t c)
+{
+   if (c <= 0x7F) {
+      return 1;
+   } else if (c <= 0x7FF) {
+      return 2;
+   } else if (c <= 0xFFFF) {
+      return 3;
+   } else {
+      return 4;
+   }
+}
+
+/**
+  Gets length of DER encoding of UTF8 STRING 
+  @param in       The characters to measure the length of
+  @param noctets  The number of octets in the string to encode
+  @param outlen   [out] The length of the DER encoding for the given string
+  @return CRYPT_OK if successful
+*/
+int der_length_utf8_string(const wchar_t *in, unsigned long noctets, unsigned long *outlen)
+{
+   unsigned long x, len;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   len = 0;
+   for (x = 0; x < noctets; x++) {
+      if (in[x] < 0 || in[x] > 0x10FFFF) {
+         return CRYPT_INVALID_ARG;
+      }
+      len += der_utf8_charsize(in[x]);
+   }
+
+   if (len < 128) {
+      /* 0C LL DD DD DD ... */
+      *outlen = 2 + len;
+   } else if (len < 256) {
+      /* 0C 81 LL DD DD DD ... */
+      *outlen = 3 + len;
+   } else if (len < 65536UL) {
+      /* 0C 82 LL LL DD DD DD ... */
+      *outlen = 4 + len;
+   } else if (len < 16777216UL) {
+      /* 0C 83 LL LL LL DD DD DD ... */
+      *outlen = 5 + len;
+   } else {
+      return CRYPT_INVALID_ARG;
+   }
+
+   return CRYPT_OK;
+}
+
+#endif
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/asn1/der/utf8/der_length_utf8_string.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/12/16 17:41:21 $ */
diff --git a/libtomcrypt/src/pk/dh/dh.c b/libtomcrypt/src/pk/dh/dh.c
deleted file mode 100644
index a54f29b..0000000
--- a/libtomcrypt/src/pk/dh/dh.c
+++ /dev/null
@@ -1,524 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-/**
-  @file dh.c
-  DH crypto, Tom St Denis
-*/
-  
-#ifdef MDH
-
-/* max export size we'll encounter (smaller than this but lets round up a bit) */
-#define DH_BUF_SIZE 1200
-
-/* This holds the key settings.  ***MUST*** be organized by size from smallest to largest. */
-static const struct {
-    int size;
-    char *name, *base, *prime;
-} sets[] = {
-#ifdef DH768
-{
-   96,
-   "DH-768",
-   "4",
-   "F///////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "//////m3wvV"
-},
-#endif
-#ifdef DH1024
-{
-   128,
-   "DH-1024",
-   "4",
-   "F///////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////m3C47"
-},
-#endif
-#ifdef DH1280
-{
-   160,
-   "DH-1280",
-   "4",
-   "F///////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "//////////////////////////////m4kSN"
-},
-#endif
-#ifdef DH1536
-{
-   192,
-   "DH-1536",
-   "4",
-   "F///////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////m5uqd"
-},
-#endif
-#ifdef DH1792
-{
-   224,
-   "DH-1792",
-   "4",
-   "F///////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "//////////////////////////////////////////////////////mT/sd"
-},
-#endif
-#ifdef DH2048
-{
-   256,
-   "DH-2048",
-   "4",
-   "3///////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "/////////////////////////////////////////m8MPh"
-},
-#endif
-#ifdef DH2560
-{
-   320,
-   "DH-2560",
-   "4",
-   "3///////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "/////mKFpF"
-},
-#endif
-#ifdef DH3072
-{
-   384,
-   "DH-3072",
-   "4",
-   "3///////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "/////////////////////////////m32nN"
-},
-#endif
-#ifdef DH4096
-{
-   512,
-   "DH-4096",
-   "4",
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "////////////////////////////////////////////////////////////"
-   "/////////////////////m8pOF"
-},
-#endif
-{
-   0,
-   NULL,
-   NULL,
-   NULL
-}
-};
-
-static int is_valid_idx(int n)
-{
-   int x;
-
-   for (x = 0; sets[x].size; x++);
-   if ((n < 0) || (n >= x)) {
-      return 0;
-   }
-   return 1;
-}
-
-/**
-   Test the DH sub-system (can take a while)
-   @return CRYPT_OK if successful
-*/
-int dh_test(void)
-{
-    mp_int p, g, tmp;
-    int x, err, primality;
-
-    if ((err = mp_init_multi(&p, &g, &tmp, NULL)) != MP_OKAY)                 { goto error; }
-
-    for (x = 0; sets[x].size != 0; x++) {
-#if 0
-        printf("dh_test():testing size %d-bits\n", sets[x].size * 8);
-#endif
-        if ((err = mp_read_radix(&g,(char *)sets[x].base, 64)) != MP_OKAY)    { goto error; }
-        if ((err = mp_read_radix(&p,(char *)sets[x].prime, 64)) != MP_OKAY)   { goto error; }
-
-        /* ensure p is prime */
-        if ((err = is_prime(&p, &primality)) != CRYPT_OK)                     { goto done; }
-        if (primality == 0) {
-           err = CRYPT_FAIL_TESTVECTOR;
-           goto done;
-        }
-
-        if ((err = mp_sub_d(&p, 1, &tmp)) != MP_OKAY)                         { goto error; }
-        if ((err = mp_div_2(&tmp, &tmp)) != MP_OKAY)                          { goto error; }
-
-        /* ensure (p-1)/2 is prime */
-        if ((err = is_prime(&tmp, &primality)) != CRYPT_OK)                   { goto done; }
-        if (primality == 0) {
-           err = CRYPT_FAIL_TESTVECTOR;
-           goto done;
-        }
-
-        /* now see if g^((p-1)/2) mod p is in fact 1 */
-        if ((err = mp_exptmod(&g, &tmp, &p, &tmp)) != MP_OKAY)                { goto error; }
-        if (mp_cmp_d(&tmp, 1)) {
-           err = CRYPT_FAIL_TESTVECTOR;
-           goto done;
-        }
-    }
-    err = CRYPT_OK;
-    goto done;
-error:
-    err = mpi_to_ltc_error(err);
-done:
-    mp_clear_multi(&tmp, &g, &p, NULL);
-    return err;
-}
-
-/**
-   Get the min and max DH key sizes (octets)
-   @param low    [out] The smallest key size supported
-   @param high   [out] The largest key size supported
-*/
-void dh_sizes(int *low, int *high)
-{
-   int x;
-   LTC_ARGCHK(low != NULL);
-   LTC_ARGCHK(high != NULL);
-   *low  = INT_MAX;
-   *high = 0;
-   for (x = 0; sets[x].size != 0; x++) {
-       if (*low > sets[x].size)  *low  = sets[x].size;
-       if (*high < sets[x].size) *high = sets[x].size;
-   }
-}
-
-/**
-  Returns the key size of a given DH key (octets)
-  @param key   The DH key to get the size of
-  @return The size if valid or INT_MAX if not
-*/
-int dh_get_size(dh_key *key)
-{
-    LTC_ARGCHK(key != NULL);
-    if (is_valid_idx(key->idx) == 1) {
-        return sets[key->idx].size;
-    } else {
-        return INT_MAX; /* large value that would cause dh_make_key() to fail */
-    }
-}
-
-/**
-  Make a DH key [private key pair]
-  @param prng     An active PRNG state
-  @param wprng    The index for the PRNG you desire to use
-  @param keysize  The key size (octets) desired
-  @param key      [out] Where the newly created DH key will be stored
-  @return CRYPT_OK if successful, note: on error all allocated memory will be freed automatically.
-*/
-int dh_make_key(prng_state *prng, int wprng, int keysize, dh_key *key)
-{
-   unsigned char *buf;
-   unsigned long x;
-   mp_int p, g;
-   int err;
-
-   LTC_ARGCHK(key  != NULL);
-
-   /* good prng? */
-   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-      return err;
-   }
-
-   /* find key size */
-   for (x = 0; (keysize > sets[x].size) && (sets[x].size != 0); x++);
-#ifdef FAST_PK
-   keysize = MIN(sets[x].size, 32);
-#else
-   keysize = sets[x].size;
-#endif
-
-   if (sets[x].size == 0) {
-      return CRYPT_INVALID_KEYSIZE;
-   }
-   key->idx = x;
-
-   /* allocate buffer */
-   buf = XMALLOC(keysize);
-   if (buf == NULL) {
-      return CRYPT_MEM;
-   }
-
-   /* make up random string */
-   if (prng_descriptor[wprng].read(buf, keysize, prng) != (unsigned long)keysize) {
-      err = CRYPT_ERROR_READPRNG; 
-      goto error2;
-   }
-
-   /* init parameters */
-   if ((err = mp_init_multi(&g, &p, &key->x, &key->y, NULL)) != MP_OKAY) {
-      goto error;
-   }
-   if ((err = mp_read_radix(&g, sets[key->idx].base, 64)) != MP_OKAY)      { goto error; }
-   if ((err = mp_read_radix(&p, sets[key->idx].prime, 64)) != MP_OKAY)     { goto error; }
-
-   /* load the x value */
-   if ((err = mp_read_unsigned_bin(&key->x, buf, keysize)) != MP_OKAY)     { goto error; }
-   if ((err = mp_exptmod(&g, &key->x, &p, &key->y)) != MP_OKAY)            { goto error; }
-   key->type = PK_PRIVATE;
-
-   if ((err = mp_shrink(&key->x)) != MP_OKAY)                              { goto error; }
-   if ((err = mp_shrink(&key->y)) != MP_OKAY)                              { goto error; }
-
-   /* free up ram */
-   err = CRYPT_OK;
-   goto done;
-error:
-   err = mpi_to_ltc_error(err);
-error2:
-   mp_clear_multi(&key->x, &key->y, NULL);
-done:
-#ifdef LTC_CLEAN_STACK
-   zeromem(buf, keysize);
-#endif
-   mp_clear_multi(&p, &g, NULL);
-   XFREE(buf);
-   return err;
-}
-
-/**
-  Free the allocated ram for a DH key
-  @param key   The key which you wish to free
-*/ 
-void dh_free(dh_key *key)
-{
-   LTC_ARGCHK(key != NULL);
-   mp_clear_multi(&key->x, &key->y, NULL);
-}
-
-/**
-  Export a DH key to a binary packet
-  @param out    [out] The destination for the key
-  @param outlen [in/out] The max size and resulting size of the DH key
-  @param type   Which type of key (PK_PRIVATE or PK_PUBLIC)
-  @param key    The key you wish to export
-  @return CRYPT_OK if successful
-*/
-int dh_export(unsigned char *out, unsigned long *outlen, int type, dh_key *key)
-{
-   unsigned long y, z;
-   int err;
-
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
-
-   /* can we store the static header?  */
-   if (*outlen < (PACKET_SIZE + 2)) {
-      return CRYPT_BUFFER_OVERFLOW;
-   }
-   
-   if (type == PK_PRIVATE && key->type != PK_PRIVATE) {
-      return CRYPT_PK_NOT_PRIVATE;
-   }
-
-   /* header */
-   y = PACKET_SIZE;
-
-   /* header */
-   out[y++] = type;
-   out[y++] = (unsigned char)(sets[key->idx].size / 8);
-
-   /* export y */
-   OUTPUT_BIGNUM(&key->y, out, y, z);
-
-   if (type == PK_PRIVATE) {
-      /* export x */
-      OUTPUT_BIGNUM(&key->x, out, y, z);
-   }
-
-   /* store header */
-   packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_KEY);
-
-   /* store len */
-   *outlen = y;
-   return CRYPT_OK;
-}
-
-/**
-  Import a DH key from a binary packet
-  @param in     The packet to read
-  @param inlen  The length of the input packet
-  @param key    [out] Where to import the key to
-  @return CRYPT_OK if successful, on error all allocated memory is freed automatically
-*/
-int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key)
-{
-   unsigned long x, y, s;
-   int err;
-
-   LTC_ARGCHK(in  != NULL);
-   LTC_ARGCHK(key != NULL);
-
-   /* make sure valid length */
-   if ((2+PACKET_SIZE) > inlen) {
-      return CRYPT_INVALID_PACKET;
-   }
-
-   /* check type byte */
-   if ((err = packet_valid_header((unsigned char *)in, PACKET_SECT_DH, PACKET_SUB_KEY)) != CRYPT_OK) {
-      return err;
-   }
-
-   /* init */
-   if ((err = mp_init_multi(&key->x, &key->y, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
-   }
-
-   /* advance past packet header */
-   y = PACKET_SIZE;
-
-   /* key type, e.g. private, public */
-   key->type = (int)in[y++];
-
-   /* key size in bytes */
-   s  = (unsigned long)in[y++] * 8;
-
-   for (x = 0; (s > (unsigned long)sets[x].size) && (sets[x].size != 0); x++);
-   if (sets[x].size == 0) {
-      err = CRYPT_INVALID_KEYSIZE;
-      goto error;
-   }
-   key->idx = (int)x;
-
-   /* type check both values */
-   if ((key->type != PK_PUBLIC) && (key->type != PK_PRIVATE))  {
-      err = CRYPT_PK_TYPE_MISMATCH;
-      goto error;
-   }
-
-   /* is the key idx valid? */
-   if (is_valid_idx(key->idx) != 1) {
-      err = CRYPT_PK_TYPE_MISMATCH;
-      goto error;
-   }
-
-   /* load public value g^x mod p*/
-   INPUT_BIGNUM(&key->y, in, x, y, inlen);
-
-   if (key->type == PK_PRIVATE) {
-      INPUT_BIGNUM(&key->x, in, x, y, inlen);
-   }
-
-   /* eliminate private key if public */
-   if (key->type == PK_PUBLIC) {
-      mp_clear(&key->x);
-   }
-
-   return CRYPT_OK;
-error:
-   mp_clear_multi(&key->y, &key->x, NULL);
-   return err;
-}
-
-/**
-   Create a DH shared secret.
-   @param private_key     The private DH key in the pair
-   @param public_key      The public DH key in the pair 
-   @param out             [out] The destination of the shared data
-   @param outlen          [in/out] The max size and resulting size of the shared data.
-   @return CRYPT_OK if successful
-*/
-int dh_shared_secret(dh_key *private_key, dh_key *public_key,
-                     unsigned char *out, unsigned long *outlen)
-{
-   mp_int tmp, p;
-   unsigned long x;
-   int err;
-
-   LTC_ARGCHK(private_key != NULL);
-   LTC_ARGCHK(public_key  != NULL);
-   LTC_ARGCHK(out         != NULL);
-   LTC_ARGCHK(outlen      != NULL);
-
-   /* types valid? */
-   if (private_key->type != PK_PRIVATE) {
-      return CRYPT_PK_NOT_PRIVATE;
-   }
-
-   /* same idx? */
-   if (private_key->idx != public_key->idx) {
-      return CRYPT_PK_TYPE_MISMATCH;
-   }
-
-   /* compute y^x mod p */
-   if ((err = mp_init_multi(&tmp, &p, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
-   }
-
-   if ((err = mp_read_radix(&p, (char *)sets[private_key->idx].prime, 64)) != MP_OKAY)     { goto error; }
-   if ((err = mp_exptmod(&public_key->y, &private_key->x, &p, &tmp)) != MP_OKAY)           { goto error; }
-
-   /* enough space for output? */
-   x = (unsigned long)mp_unsigned_bin_size(&tmp);
-   if (*outlen < x) {
-      err = CRYPT_BUFFER_OVERFLOW;
-      goto done;
-   }
-   if ((err = mp_to_unsigned_bin(&tmp, out)) != MP_OKAY)                                   { goto error; }
-   *outlen = x;
-   err = CRYPT_OK;
-   goto done;
-error:
-   err = mpi_to_ltc_error(err);
-done:
-   mp_clear_multi(&p, &tmp, NULL);
-   return err;
-}
-
-#include "dh_sys.c"
-
-#endif
-
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/dh/dh.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
diff --git a/libtomcrypt/src/pk/dh/dh_sys.c b/libtomcrypt/src/pk/dh/dh_sys.c
deleted file mode 100644
index 4f10556..0000000
--- a/libtomcrypt/src/pk/dh/dh_sys.c
+++ /dev/null
@@ -1,499 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-
-/**
-  @file dh_sys.c
-  DH Crypto, Tom St Denis
-*/
-  
-/**
-  Encrypt a short symmetric key with a public DH key
-  @param in        The symmetric key to encrypt
-  @param inlen     The length of the key (octets)
-  @param out       [out] The ciphertext
-  @param outlen    [in/out]  The max size and resulting size of the ciphertext
-  @param prng      An active PRNG state
-  @param wprng     The index of the PRNG desired
-  @param hash      The index of the hash desired (must produce a digest of size >= the size of the plaintext)
-  @param key       The public key you wish to encrypt with.
-  @return CRYPT_OK if successful
-*/
-int dh_encrypt_key(const unsigned char *in,   unsigned long inlen,
-                         unsigned char *out,  unsigned long *outlen,
-                         prng_state *prng, int wprng, int hash,
-                         dh_key *key)
-{
-    unsigned char *pub_expt, *dh_shared, *skey;
-    dh_key        pubkey;
-    unsigned long x, y, z, hashsize, pubkeysize;
-    int           err;
-
-    LTC_ARGCHK(in != NULL);
-    LTC_ARGCHK(out   != NULL);
-    LTC_ARGCHK(outlen   != NULL);
-    LTC_ARGCHK(key   != NULL);
-
-    /* check that wprng/hash are not invalid */
-    if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-       return err;
-    }
-
-    if ((err = hash_is_valid(hash)) != CRYPT_OK) {
-       return err;
-    }
-
-    if (inlen > hash_descriptor[hash].hashsize)  {
-        return CRYPT_INVALID_HASH;
-    }
-
-    /* allocate memory */
-    pub_expt  = XMALLOC(DH_BUF_SIZE);
-    dh_shared = XMALLOC(DH_BUF_SIZE);
-    skey      = XMALLOC(MAXBLOCKSIZE);
-    if (pub_expt == NULL || dh_shared == NULL || skey == NULL) {
-       if (pub_expt != NULL) {
-          XFREE(pub_expt);
-       }
-       if (dh_shared != NULL) {
-          XFREE(dh_shared);
-       }
-       if (skey != NULL) {
-          XFREE(skey);
-       }
-       return CRYPT_MEM;
-    }
-
-    /* make a random key and export the public copy */
-    if ((err = dh_make_key(prng, wprng, dh_get_size(key), &pubkey)) != CRYPT_OK) {
-       goto LBL_ERR;
-    }
-
-    pubkeysize = DH_BUF_SIZE;
-    if ((err = dh_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
-       dh_free(&pubkey);
-       goto LBL_ERR;
-    }
-
-    /* now check if the out buffer is big enough */
-    if (*outlen < (1 + 4 + 4 + PACKET_SIZE + pubkeysize + inlen)) {
-       dh_free(&pubkey);
-       err = CRYPT_BUFFER_OVERFLOW;
-       goto LBL_ERR;
-    }
-
-    /* make random key */
-    hashsize  = hash_descriptor[hash].hashsize;
-
-    x = DH_BUF_SIZE;
-    if ((err = dh_shared_secret(&pubkey, key, dh_shared, &x)) != CRYPT_OK) {
-       dh_free(&pubkey);
-       goto LBL_ERR;
-    }
-    dh_free(&pubkey);
-
-    z = MAXBLOCKSIZE;
-    if ((err = hash_memory(hash, dh_shared, x, skey, &z)) != CRYPT_OK) {
-       goto LBL_ERR;
-    }
-
-    /* store header */
-    packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_ENC_KEY);
-
-    /* output header */
-    y = PACKET_SIZE;
-
-    /* size of hash name and the name itself */
-    out[y++] = hash_descriptor[hash].ID;
-
-    /* length of DH pubkey and the key itself */
-    STORE32L(pubkeysize, out+y);
-    y += 4;
-    for (x = 0; x < pubkeysize; x++, y++) {
-        out[y] = pub_expt[x];
-    }
-
-    /* Store the encrypted key */
-    STORE32L(inlen, out+y);
-    y += 4;
-
-    for (x = 0; x < inlen; x++, y++) {
-      out[y] = skey[x] ^ in[x];
-    }
-    *outlen = y;
-
-    err = CRYPT_OK;
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
-    /* clean up */
-    zeromem(pub_expt,  DH_BUF_SIZE);
-    zeromem(dh_shared, DH_BUF_SIZE);
-    zeromem(skey,      MAXBLOCKSIZE);
-#endif
-    XFREE(skey);
-    XFREE(dh_shared);
-    XFREE(pub_expt);
-
-    return err;
-}
-
-/**
-   Decrypt a DH encrypted symmetric key
-   @param in       The DH encrypted packet
-   @param inlen    The length of the DH encrypted packet
-   @param out      The plaintext
-   @param outlen   [in/out]  The max size and resulting size of the plaintext
-   @param key      The private DH key corresponding to the public key that encrypted the plaintext
-   @return CRYPT_OK if successful
-*/
-int dh_decrypt_key(const unsigned char *in, unsigned long inlen,
-                         unsigned char *out, unsigned long *outlen, 
-                         dh_key *key)
-{
-   unsigned char *shared_secret, *skey;
-   unsigned long  x, y, z, hashsize, keysize;
-   int            hash, err;
-   dh_key         pubkey;
-
-   LTC_ARGCHK(in     != NULL);
-   LTC_ARGCHK(out != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
-
-   /* right key type? */
-   if (key->type != PK_PRIVATE) {
-      return CRYPT_PK_NOT_PRIVATE;
-   }
-
-   /* allocate ram */
-   shared_secret = XMALLOC(DH_BUF_SIZE);
-   skey          = XMALLOC(MAXBLOCKSIZE);
-   if (shared_secret == NULL || skey == NULL) {
-      if (shared_secret != NULL) {
-         XFREE(shared_secret);
-      }
-      if (skey != NULL) {
-         XFREE(skey);
-      }
-      return CRYPT_MEM;
-   }
-
-   /* check if initial header should fit */
-   if (inlen < PACKET_SIZE+1+4+4) {
-      err =  CRYPT_INVALID_PACKET;
-      goto LBL_ERR;
-   } else {
-      inlen -= PACKET_SIZE+1+4+4;
-   }
-
-   /* is header correct? */
-   if ((err = packet_valid_header((unsigned char *)in, PACKET_SECT_DH, PACKET_SUB_ENC_KEY)) != CRYPT_OK)  {
-      goto LBL_ERR;
-   }
-
-   /* now lets get the hash name */
-   y = PACKET_SIZE;
-   hash = find_hash_id(in[y++]);
-   if (hash == -1) {
-      err = CRYPT_INVALID_HASH;
-      goto LBL_ERR;
-   }
-
-   /* common values */
-   hashsize  = hash_descriptor[hash].hashsize;
-
-   /* get public key */
-   LOAD32L(x, in+y);
-   
-   /* now check if the imported key will fit */
-   if (inlen < x) {
-      err = CRYPT_INVALID_PACKET;
-      goto LBL_ERR;
-   } else {
-      inlen -= x;
-   }
-   
-   y += 4;
-   if ((err = dh_import(in+y, x, &pubkey)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-   y += x;
-
-   /* make shared key */
-   x = DH_BUF_SIZE;
-   if ((err = dh_shared_secret(key, &pubkey, shared_secret, &x)) != CRYPT_OK) {
-      dh_free(&pubkey);
-      goto LBL_ERR;
-   }
-   dh_free(&pubkey);
-
-   z = MAXBLOCKSIZE;
-   if ((err = hash_memory(hash, shared_secret, x, skey, &z)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-
-   /* load in the encrypted key */
-   LOAD32L(keysize, in+y);
-   
-   /* will the out fit as part of the input */
-   if (inlen < keysize) {
-      err = CRYPT_INVALID_PACKET;
-      goto LBL_ERR;
-   } else {
-      inlen -= keysize;
-   }
-   
-   if (keysize > *outlen) {
-       err = CRYPT_BUFFER_OVERFLOW;
-       goto LBL_ERR;
-   }
-   y += 4;
-
-   *outlen = keysize;
-
-   for (x = 0; x < keysize; x++, y++) {
-      out[x] = skey[x] ^ in[y];
-   }
-
-   err = CRYPT_OK;
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
-   zeromem(shared_secret, DH_BUF_SIZE);
-   zeromem(skey,          MAXBLOCKSIZE);
-#endif
-
-   XFREE(skey);
-   XFREE(shared_secret);
-
-   return err;
-}
-
-/* perform an ElGamal Signature of a hash 
- *
- * The math works as follows.  x is the private key, M is the message to sign
- 
- 1.  pick a random k
- 2.  compute a = g^k mod p
- 3.  compute b = (M - xa)/k mod p
- 4.  Send (a,b)
- 
- Now to verify with y=g^x mod p, a and b
- 
- 1.  compute y^a * a^b = g^(xa) * g^(k*(M-xa)/k)
-                       = g^(xa + (M - xa))
-                       = g^M [all mod p]
-                       
- 2.  Compare against g^M mod p [based on input hash].
- 3.  If result of #2 == result of #1 then signature valid 
-*/
-
-/**
-  Sign a message digest using a DH private key 
-  @param in      The data to sign
-  @param inlen   The length of the input (octets)
-  @param out     [out] The destination of the signature
-  @param outlen  [in/out] The max size and resulting size of the output
-  @param prng    An active PRNG state
-  @param wprng   The index of the PRNG desired
-  @param key     A private DH key
-  @return CRYPT_OK if successful
-*/
-int dh_sign_hash(const unsigned char *in,  unsigned long inlen,
-                       unsigned char *out, unsigned long *outlen,
-                       prng_state *prng, int wprng, dh_key *key)
-{
-   mp_int         a, b, k, m, g, p, p1, tmp;
-   unsigned char *buf;
-   unsigned long  x, y;
-   int            err;
-
-   LTC_ARGCHK(in     != NULL);
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
-
-   /* check parameters */
-   if (key->type != PK_PRIVATE) {
-      return CRYPT_PK_NOT_PRIVATE;
-   }
-
-   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-      return err;
-   }
-
-   /* is the IDX valid ?  */
-   if (is_valid_idx(key->idx) != 1) {
-      return CRYPT_PK_INVALID_TYPE;
-   }
-
-   /* allocate ram for buf */
-   buf = XMALLOC(520);
-
-   /* make up a random value k,
-    * since the order of the group is prime
-    * we need not check if gcd(k, r) is 1 
-    */
-   if (prng_descriptor[wprng].read(buf, sets[key->idx].size, prng) != 
-       (unsigned long)(sets[key->idx].size)) {
-      err = CRYPT_ERROR_READPRNG;
-      goto LBL_ERR;
-   }
-
-   /* init bignums */
-   if ((err = mp_init_multi(&a, &b, &k, &m, &p, &g, &p1, &tmp, NULL)) != MP_OKAY) { 
-      err = mpi_to_ltc_error(err);
-      goto LBL_ERR;
-   }
-
-   /* load k and m */
-   if ((err = mp_read_unsigned_bin(&m, (unsigned char *)in, inlen)) != MP_OKAY)        { goto error; }
-   if ((err = mp_read_unsigned_bin(&k, buf, sets[key->idx].size)) != MP_OKAY)          { goto error; }
-
-   /* load g, p and p1 */
-   if ((err = mp_read_radix(&g, sets[key->idx].base, 64)) != MP_OKAY)               { goto error; }
-   if ((err = mp_read_radix(&p, sets[key->idx].prime, 64)) != MP_OKAY)              { goto error; }
-   if ((err = mp_sub_d(&p, 1, &p1)) != MP_OKAY)                                     { goto error; }
-   if ((err = mp_div_2(&p1, &p1)) != MP_OKAY)                                       { goto error; } /* p1 = (p-1)/2 */
-
-   /* now get a = g^k mod p */
-   if ((err = mp_exptmod(&g, &k, &p, &a)) != MP_OKAY)                               { goto error; }
-
-   /* now find M = xa + kb mod p1 or just b = (M - xa)/k mod p1 */
-   if ((err = mp_invmod(&k, &p1, &k)) != MP_OKAY)                                   { goto error; } /* k = 1/k mod p1 */
-   if ((err = mp_mulmod(&a, &key->x, &p1, &tmp)) != MP_OKAY)                        { goto error; } /* tmp = xa */
-   if ((err = mp_submod(&m, &tmp, &p1, &tmp)) != MP_OKAY)                           { goto error; } /* tmp = M - xa */
-   if ((err = mp_mulmod(&k, &tmp, &p1, &b)) != MP_OKAY)                             { goto error; } /* b = (M - xa)/k */
-   
-   /* check for overflow */
-   if ((unsigned long)(PACKET_SIZE + 4 + 4 + mp_unsigned_bin_size(&a) + mp_unsigned_bin_size(&b)) > *outlen) {
-      err = CRYPT_BUFFER_OVERFLOW;
-      goto LBL_ERR;
-   }
-   
-   /* store header  */
-   y = PACKET_SIZE;
-
-   /* now store them both (a,b) */
-   x = (unsigned long)mp_unsigned_bin_size(&a);
-   STORE32L(x, out+y);  y += 4;
-   if ((err = mp_to_unsigned_bin(&a, out+y)) != MP_OKAY)                            { goto error; }
-   y += x;
-
-   x = (unsigned long)mp_unsigned_bin_size(&b);
-   STORE32L(x, out+y);  y += 4;
-   if ((err = mp_to_unsigned_bin(&b, out+y)) != MP_OKAY)                            { goto error; }
-   y += x;
-
-   /* check if size too big */
-   if (*outlen < y) {
-      err = CRYPT_BUFFER_OVERFLOW;
-      goto LBL_ERR;
-   }
-
-   /* store header */
-   packet_store_header(out, PACKET_SECT_DH, PACKET_SUB_SIGNED);
-   *outlen = y;
-
-   err = CRYPT_OK;
-   goto LBL_ERR;
-error:
-   err = mpi_to_ltc_error(err);
-LBL_ERR:
-   mp_clear_multi(&tmp, &p1, &g, &p, &m, &k, &b, &a, NULL);
-
-   XFREE(buf);
-
-   return err;
-}
-
-
-/**
-   Verify the signature given
-   @param sig        The signature
-   @param siglen     The length of the signature (octets)
-   @param hash       The hash that was signed
-   @param hashlen    The length of the hash (octets)
-   @param stat       [out] Result of signature comparison, 1==valid, 0==invalid
-   @param key        The public DH key that signed the hash
-   @return CRYPT_OK if succsessful (even if signature is invalid)
-*/
-int dh_verify_hash(const unsigned char *sig, unsigned long siglen,
-                   const unsigned char *hash, unsigned long hashlen, 
-                         int *stat, dh_key *key)
-{
-   mp_int        a, b, p, g, m, tmp;
-   unsigned long x, y;
-   int           err;
-
-   LTC_ARGCHK(sig  != NULL);
-   LTC_ARGCHK(hash != NULL);
-   LTC_ARGCHK(stat != NULL);
-   LTC_ARGCHK(key  != NULL);
-
-   /* default to invalid */
-   *stat = 0;
-
-   /* check initial input length */
-   if (siglen < PACKET_SIZE+4+4) {
-      return CRYPT_INVALID_PACKET;
-   } 
-
-   /* header ok? */
-   if ((err = packet_valid_header((unsigned char *)sig, PACKET_SECT_DH, PACKET_SUB_SIGNED)) != CRYPT_OK) {
-      return err;
-   }
-   
-   /* get hash out of packet */
-   y = PACKET_SIZE;
-
-   /* init all bignums */
-   if ((err = mp_init_multi(&a, &p, &b, &g, &m, &tmp, NULL)) != MP_OKAY) { 
-      return mpi_to_ltc_error(err);
-   }
-
-   /* load a and b */
-   INPUT_BIGNUM(&a, sig, x, y, siglen);
-   INPUT_BIGNUM(&b, sig, x, y, siglen);
-
-   /* load p and g */
-   if ((err = mp_read_radix(&p, sets[key->idx].prime, 64)) != MP_OKAY)              { goto error1; }
-   if ((err = mp_read_radix(&g, sets[key->idx].base, 64)) != MP_OKAY)               { goto error1; }
-
-   /* load m */
-   if ((err = mp_read_unsigned_bin(&m, (unsigned char *)hash, hashlen)) != MP_OKAY) { goto error1; }
-
-   /* find g^m mod p */
-   if ((err = mp_exptmod(&g, &m, &p, &m)) != MP_OKAY)                { goto error1; } /* m = g^m mod p */
-
-   /* find y^a * a^b */
-   if ((err = mp_exptmod(&key->y, &a, &p, &tmp)) != MP_OKAY)         { goto error1; } /* tmp = y^a mod p */
-   if ((err = mp_exptmod(&a, &b, &p, &a)) != MP_OKAY)                { goto error1; } /* a = a^b mod p */
-   if ((err = mp_mulmod(&a, &tmp, &p, &a)) != MP_OKAY)               { goto error1; } /* a = y^a * a^b mod p */
-
-   /* y^a * a^b == g^m ??? */
-   if (mp_cmp(&a, &m) == 0) {
-      *stat = 1;
-   }
-
-   /* clean up */
-   err = CRYPT_OK;
-   goto done;
-error1:
-   err = mpi_to_ltc_error(err);
-error:
-done:
-   mp_clear_multi(&tmp, &m, &g, &p, &b, &a, NULL);
-   return err;
-}
-
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/dh/dh_sys.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c b/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c
new file mode 100644
index 0000000..5cbedc6
--- /dev/null
+++ b/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c
@@ -0,0 +1,139 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file dsa_decrypt_key.c
+  DSA Crypto, Tom St Denis
+*/  
+
+#ifdef MDSA
+
+/**
+  Decrypt an DSA encrypted key
+  @param in       The ciphertext
+  @param inlen    The length of the ciphertext (octets)
+  @param out      [out] The plaintext
+  @param outlen   [in/out] The max size and resulting size of the plaintext
+  @param key      The corresponding private DSA key
+  @return CRYPT_OK if successful
+*/
+int dsa_decrypt_key(const unsigned char *in,  unsigned long  inlen,
+                          unsigned char *out, unsigned long *outlen, 
+                          dsa_key *key)
+{
+   unsigned char  *skey, *expt;
+   void           *g_pub;
+   unsigned long  x, y, hashOID[32];
+   int            hash, err;
+   ltc_asn1_list  decode[3];
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(key    != NULL);
+
+   /* right key type? */
+   if (key->type != PK_PRIVATE) {
+      return CRYPT_PK_NOT_PRIVATE;
+   }
+   
+   /* decode to find out hash */
+   LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
+ 
+   if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) {
+      return err;
+   }
+
+   hash = find_hash_oid(hashOID, decode[0].size);                   
+   if (hash_is_valid(hash) != CRYPT_OK) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* we now have the hash! */
+   
+   if ((err = mp_init(&g_pub)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* allocate memory */
+   expt   = XMALLOC(mp_unsigned_bin_size(key->p) + 1);
+   skey   = XMALLOC(MAXBLOCKSIZE);
+   if (expt == NULL || skey == NULL) {
+      if (expt != NULL) {
+         XFREE(expt);
+      }
+      if (skey != NULL) {
+         XFREE(skey);
+      }
+      mp_clear(g_pub);
+      return CRYPT_MEM;
+   }
+   
+   LTC_SET_ASN1(decode, 1, LTC_ASN1_INTEGER,          g_pub,      1UL);
+   LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING,      skey,      MAXBLOCKSIZE);
+
+   /* read the structure in now */
+   if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   /* make shared key */
+   x = mp_unsigned_bin_size(key->p) + 1;
+   if ((err = dsa_shared_secret(key->x, g_pub, key, expt, &x)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   y = MIN(mp_unsigned_bin_size(key->p) + 1, MAXBLOCKSIZE);
+   if ((err = hash_memory(hash, expt, x, expt, &y)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   /* ensure the hash of the shared secret is at least as big as the encrypt itself */
+   if (decode[2].size > y) {
+      err = CRYPT_INVALID_PACKET;
+      goto LBL_ERR;
+   }
+
+   /* avoid buffer overflow */
+   if (*outlen < decode[2].size) {
+      *outlen = decode[2].size;
+      err = CRYPT_BUFFER_OVERFLOW;
+      goto LBL_ERR;
+   }
+
+   /* Decrypt the key */
+   for (x = 0; x < decode[2].size; x++) {
+     out[x] = expt[x] ^ skey[x];
+   }
+   *outlen = x;
+
+   err = CRYPT_OK;
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+   zeromem(expt,   mp_unsigned_bin_size(key->p) + 1);
+   zeromem(skey,   MAXBLOCKSIZE);
+#endif
+
+   XFREE(expt);
+   XFREE(skey);
+  
+   mp_clear(g_pub);
+
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_decrypt_key.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
+
diff --git a/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c b/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c
new file mode 100644
index 0000000..cefa4de
--- /dev/null
+++ b/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c
@@ -0,0 +1,135 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file dsa_encrypt_key.c
+  DSA Crypto, Tom St Denis
+*/  
+
+#ifdef MDSA
+
+/**
+  Encrypt a symmetric key with DSA
+  @param in         The symmetric key you want to encrypt
+  @param inlen      The length of the key to encrypt (octets)
+  @param out        [out] The destination for the ciphertext
+  @param outlen     [in/out] The max size and resulting size of the ciphertext
+  @param prng       An active PRNG state
+  @param wprng      The index of the PRNG you wish to use 
+  @param hash       The index of the hash you want to use 
+  @param key        The DSA key you want to encrypt to
+  @return CRYPT_OK if successful
+*/
+int dsa_encrypt_key(const unsigned char *in,   unsigned long inlen,
+                          unsigned char *out,  unsigned long *outlen, 
+                          prng_state *prng, int wprng, int hash, 
+                          dsa_key *key)
+{
+    unsigned char *expt, *skey;
+    void          *g_pub, *g_priv;
+    unsigned long  x, y;
+    int            err;
+
+    LTC_ARGCHK(in      != NULL);
+    LTC_ARGCHK(out     != NULL);
+    LTC_ARGCHK(outlen  != NULL);
+    LTC_ARGCHK(key     != NULL);
+
+    /* check that wprng/cipher/hash are not invalid */
+    if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+       return err;
+    }
+
+    if ((err = hash_is_valid(hash)) != CRYPT_OK) {
+       return err;
+    }
+
+    if (inlen > hash_descriptor[hash].hashsize) {
+       return CRYPT_INVALID_HASH;
+    }
+
+    /* make a random key and export the public copy */
+    if ((err = mp_init_multi(&g_pub, &g_priv, NULL)) != CRYPT_OK) {
+       return err;
+    }
+   
+    expt       = XMALLOC(mp_unsigned_bin_size(key->p) + 1);
+    skey       = XMALLOC(MAXBLOCKSIZE);
+    if (expt == NULL  || skey == NULL) {
+       if (expt != NULL) {
+          XFREE(expt);
+       }
+       if (skey != NULL) {
+          XFREE(skey);
+       }
+       mp_clear_multi(g_pub, g_priv, NULL);
+       return CRYPT_MEM;
+    }
+    
+    /* make a random x, g^x pair */
+    x = mp_unsigned_bin_size(key->q);
+    if (prng_descriptor[wprng].read(expt, x, prng) != x) {
+       err = CRYPT_ERROR_READPRNG;
+       goto LBL_ERR;
+    }
+    
+    /* load x */
+    if ((err = mp_read_unsigned_bin(g_priv, expt, x)) != CRYPT_OK) {
+       goto LBL_ERR;
+    }
+    
+    /* compute y */
+    if ((err = mp_exptmod(key->g, g_priv, key->p, g_pub)) != CRYPT_OK) {
+       goto LBL_ERR;
+    }
+    
+    /* make random key */
+    x        = mp_unsigned_bin_size(key->p) + 1;
+    if ((err = dsa_shared_secret(g_priv, key->y, key, expt, &x)) != CRYPT_OK) {
+       goto LBL_ERR;
+    }
+
+    y = MAXBLOCKSIZE;
+    if ((err = hash_memory(hash, expt, x, skey, &y)) != CRYPT_OK) {
+       goto LBL_ERR;
+    }
+    
+    /* Encrypt key */
+    for (x = 0; x < inlen; x++) {
+      skey[x] ^= in[x];
+    }
+
+    err = der_encode_sequence_multi(out, outlen,
+                                    LTC_ASN1_OBJECT_IDENTIFIER,  hash_descriptor[hash].OIDlen,   hash_descriptor[hash].OID,
+                                    LTC_ASN1_INTEGER,            1UL,                            g_pub,
+                                    LTC_ASN1_OCTET_STRING,       inlen,                          skey,
+                                    LTC_ASN1_EOL,                0UL,                            NULL);
+
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+    /* clean up */
+    zeromem(expt,   mp_unsigned_bin_size(key->p) + 1);
+    zeromem(skey,   MAXBLOCKSIZE);
+#endif
+
+    XFREE(skey);
+    XFREE(expt);
+    
+    mp_clear_multi(g_pub, g_priv, NULL);
+    return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_encrypt_key.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
+
diff --git a/libtomcrypt/src/pk/dsa/dsa_export.c b/libtomcrypt/src/pk/dsa/dsa_export.c
index 5a093d9..d882779 100644
--- a/libtomcrypt/src/pk/dsa/dsa_export.c
+++ b/libtomcrypt/src/pk/dsa/dsa_export.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -47,19 +47,19 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
    if (type == PK_PRIVATE) {
       return der_encode_sequence_multi(out, outlen,
                                  LTC_ASN1_BIT_STRING,   1UL, flags,
-                                 LTC_ASN1_INTEGER,      1UL, &key->g,
-                                 LTC_ASN1_INTEGER,      1UL, &key->p,
-                                 LTC_ASN1_INTEGER,      1UL, &key->q,
-                                 LTC_ASN1_INTEGER,      1UL, &key->y,
-                                 LTC_ASN1_INTEGER,      1UL, &key->x,
+                                 LTC_ASN1_INTEGER,      1UL, key->g,
+                                 LTC_ASN1_INTEGER,      1UL, key->p,
+                                 LTC_ASN1_INTEGER,      1UL, key->q,
+                                 LTC_ASN1_INTEGER,      1UL, key->y,
+                                 LTC_ASN1_INTEGER,      1UL, key->x,
                                  LTC_ASN1_EOL,          0UL, NULL);
    } else {
       return der_encode_sequence_multi(out, outlen,
                                  LTC_ASN1_BIT_STRING,   1UL, flags,
-                                 LTC_ASN1_INTEGER,      1UL, &key->g,
-                                 LTC_ASN1_INTEGER,      1UL, &key->p,
-                                 LTC_ASN1_INTEGER,      1UL, &key->q,
-                                 LTC_ASN1_INTEGER,      1UL, &key->y,
+                                 LTC_ASN1_INTEGER,      1UL, key->g,
+                                 LTC_ASN1_INTEGER,      1UL, key->p,
+                                 LTC_ASN1_INTEGER,      1UL, key->q,
+                                 LTC_ASN1_INTEGER,      1UL, key->y,
                                  LTC_ASN1_EOL,          0UL, NULL);
    }
 }
@@ -68,5 +68,5 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_export.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/06/03 19:24:31 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_free.c b/libtomcrypt/src/pk/dsa/dsa_free.c
index 9157acb..92a1eb7 100644
--- a/libtomcrypt/src/pk/dsa/dsa_free.c
+++ b/libtomcrypt/src/pk/dsa/dsa_free.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -23,12 +23,12 @@
 */
 void dsa_free(dsa_key *key)
 {
-   LTC_ARGCHK(key != NULL);
-   mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
+   LTC_ARGCHKVD(key != NULL);
+   mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_free.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/06/09 01:38:13 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_import.c b/libtomcrypt/src/pk/dsa/dsa_import.c
index e81bac8..bb2272a 100644
--- a/libtomcrypt/src/pk/dsa/dsa_import.c
+++ b/libtomcrypt/src/pk/dsa/dsa_import.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -31,9 +31,10 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
 
    LTC_ARGCHK(in  != NULL);
    LTC_ARGCHK(key != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
 
    /* init key */
-   if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != MP_OKAY) {
+   if (mp_init_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL) != CRYPT_OK) {
       return CRYPT_MEM;
    }
 
@@ -47,11 +48,11 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
    if (flags[0] == 1) {
       if ((err = der_decode_sequence_multi(in, inlen,
                                  LTC_ASN1_BIT_STRING,   1UL, flags,
-                                 LTC_ASN1_INTEGER,      1UL, &key->g,
-                                 LTC_ASN1_INTEGER,      1UL, &key->p,
-                                 LTC_ASN1_INTEGER,      1UL, &key->q,
-                                 LTC_ASN1_INTEGER,      1UL, &key->y,
-                                 LTC_ASN1_INTEGER,      1UL, &key->x,
+                                 LTC_ASN1_INTEGER,      1UL, key->g,
+                                 LTC_ASN1_INTEGER,      1UL, key->p,
+                                 LTC_ASN1_INTEGER,      1UL, key->q,
+                                 LTC_ASN1_INTEGER,      1UL, key->y,
+                                 LTC_ASN1_INTEGER,      1UL, key->x,
                                  LTC_ASN1_EOL,          0UL, NULL)) != CRYPT_OK) {
          goto error;
       }
@@ -59,31 +60,31 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
    } else {
       if ((err = der_decode_sequence_multi(in, inlen,
                                  LTC_ASN1_BIT_STRING,   1UL, flags,
-                                 LTC_ASN1_INTEGER,      1UL, &key->g,
-                                 LTC_ASN1_INTEGER,      1UL, &key->p,
-                                 LTC_ASN1_INTEGER,      1UL, &key->q,
-                                 LTC_ASN1_INTEGER,      1UL, &key->y,
+                                 LTC_ASN1_INTEGER,      1UL, key->g,
+                                 LTC_ASN1_INTEGER,      1UL, key->p,
+                                 LTC_ASN1_INTEGER,      1UL, key->q,
+                                 LTC_ASN1_INTEGER,      1UL, key->y,
                                  LTC_ASN1_EOL,          0UL, NULL)) != CRYPT_OK) {
          goto error;
       }
       key->type = PK_PUBLIC;
   }
-  key->qord = mp_unsigned_bin_size(&key->q);
+  key->qord = mp_unsigned_bin_size(key->q);
 
   if (key->qord >= MDSA_MAX_GROUP || key->qord <= 15 ||
-      key->qord >= mp_unsigned_bin_size(&key->p) || (mp_unsigned_bin_size(&key->p) - key->qord) >= MDSA_DELTA) {
+      (unsigned long)key->qord >= mp_unsigned_bin_size(key->p) || (mp_unsigned_bin_size(key->p) - key->qord) >= MDSA_DELTA) {
       err = CRYPT_INVALID_PACKET;
       goto error;
    }
 
   return CRYPT_OK;
 error: 
-   mp_clear_multi(&key->p, &key->g, &key->q, &key->x, &key->y, NULL);
+   mp_clear_multi(key->p, key->g, key->q, key->x, key->y, NULL);
    return err;
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_import.c,v $ */
-/* $Revision: 1.7 $ */
-/* $Date: 2005/06/08 23:31:17 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_make_key.c b/libtomcrypt/src/pk/dsa/dsa_make_key.c
index 02f69e0..293e814 100644
--- a/libtomcrypt/src/pk/dsa/dsa_make_key.c
+++ b/libtomcrypt/src/pk/dsa/dsa_make_key.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -28,11 +28,12 @@
 */
 int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size, dsa_key *key)
 {
-   mp_int         tmp, tmp2;
+   void           *tmp, *tmp2;
    int            err, res;
    unsigned char *buf;
 
    LTC_ARGCHK(key  != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
 
    /* check prng */
    if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
@@ -52,21 +53,21 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
    }
 
    /* init mp_ints  */
-   if ((err = mp_init_multi(&tmp, &tmp2, &key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != MP_OKAY) {
-      err = mpi_to_ltc_error(err);
-      goto LBL_ERR;
+   if ((err = mp_init_multi(&tmp, &tmp2, &key->g, &key->q, &key->p, &key->x, &key->y, NULL)) != CRYPT_OK) {
+      XFREE(buf);
+      return err;
    }
 
    /* make our prime q */
-   if ((err = rand_prime(&key->q, group_size*8, prng, wprng)) != CRYPT_OK)             { goto LBL_ERR; }
+   if ((err = rand_prime(key->q, group_size, prng, wprng)) != CRYPT_OK)                { goto error; }
 
    /* double q  */
-   if ((err = mp_mul_2(&key->q, &tmp)) != MP_OKAY)                                     { goto error; }
+   if ((err = mp_add(key->q, key->q, tmp)) != CRYPT_OK)                                { goto error; }
 
    /* now make a random string and multply it against q */
    if (prng_descriptor[wprng].read(buf+1, modulus_size - group_size, prng) != (unsigned long)(modulus_size - group_size)) {
       err = CRYPT_ERROR_READPRNG;
-      goto LBL_ERR;
+      goto error;
    }
 
    /* force magnitude */
@@ -75,30 +76,30 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
    /* force even */
    buf[modulus_size - group_size - 1] &= ~1;
 
-   if ((err = mp_read_unsigned_bin(&tmp2, buf, modulus_size - group_size)) != MP_OKAY) { goto error; }
-   if ((err = mp_mul(&key->q, &tmp2, &key->p)) != MP_OKAY)                             { goto error; }
-   if ((err = mp_add_d(&key->p, 1, &key->p)) != MP_OKAY)                               { goto error; }
+   if ((err = mp_read_unsigned_bin(tmp2, buf, modulus_size - group_size)) != CRYPT_OK) { goto error; }
+   if ((err = mp_mul(key->q, tmp2, key->p)) != CRYPT_OK)                               { goto error; }
+   if ((err = mp_add_d(key->p, 1, key->p)) != CRYPT_OK)                                { goto error; }
 
    /* now loop until p is prime */
    for (;;) {
-       if ((err = is_prime(&key->p, &res)) != CRYPT_OK)                                { goto LBL_ERR; }
-       if (res == MP_YES) break;
+       if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK)                     { goto error; }
+       if (res == LTC_MP_YES) break;
 
        /* add 2q to p and 2 to tmp2 */
-       if ((err = mp_add(&tmp, &key->p, &key->p)) != MP_OKAY)                          { goto error; }
-       if ((err = mp_add_d(&tmp2, 2, &tmp2)) != MP_OKAY)                               { goto error; }
+       if ((err = mp_add(tmp, key->p, key->p)) != CRYPT_OK)                            { goto error; }
+       if ((err = mp_add_d(tmp2, 2, tmp2)) != CRYPT_OK)                                { goto error; }
    }
 
    /* now p = (q * tmp2) + 1 is prime, find a value g for which g^tmp2 != 1 */
-   mp_set(&key->g, 1);
+   mp_set(key->g, 1);
 
    do {
-      if ((err = mp_add_d(&key->g, 1, &key->g)) != MP_OKAY)                            { goto error; }
-      if ((err = mp_exptmod(&key->g, &tmp2, &key->p, &tmp)) != MP_OKAY)                { goto error; }
-   } while (mp_cmp_d(&tmp, 1) == MP_EQ);
+      if ((err = mp_add_d(key->g, 1, key->g)) != CRYPT_OK)                             { goto error; }
+      if ((err = mp_exptmod(key->g, tmp2, key->p, tmp)) != CRYPT_OK)                   { goto error; }
+   } while (mp_cmp_d(tmp, 1) == LTC_MP_EQ);
 
    /* at this point tmp generates a group of order q mod p */
-   mp_exch(&tmp, &key->g);
+   mp_exch(tmp, key->g);
 
    /* so now we have our DH structure, generator g, order q, modulus p 
       Now we need a random exponent [mod q] and it's power g^x mod p 
@@ -106,22 +107,15 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
    do {
       if (prng_descriptor[wprng].read(buf, group_size, prng) != (unsigned long)group_size) {
          err = CRYPT_ERROR_READPRNG;
-         goto LBL_ERR;
+         goto error;
       }
-      if ((err = mp_read_unsigned_bin(&key->x, buf, group_size)) != MP_OKAY)           { goto error; }
-   } while (mp_cmp_d(&key->x, 1) != MP_GT);
-   if ((err = mp_exptmod(&key->g, &key->x, &key->p, &key->y)) != MP_OKAY)              { goto error; }
-   
+      if ((err = mp_read_unsigned_bin(key->x, buf, group_size)) != CRYPT_OK)           { goto error; }
+   } while (mp_cmp_d(key->x, 1) != LTC_MP_GT);
+   if ((err = mp_exptmod(key->g, key->x, key->p, key->y)) != CRYPT_OK)                 { goto error; }
+  
    key->type = PK_PRIVATE;
    key->qord = group_size;
 
-   /* shrink the ram required */
-   if ((err = mp_shrink(&key->g)) != MP_OKAY)                                          { goto error; }
-   if ((err = mp_shrink(&key->p)) != MP_OKAY)                                          { goto error; }
-   if ((err = mp_shrink(&key->q)) != MP_OKAY)                                          { goto error; }
-   if ((err = mp_shrink(&key->x)) != MP_OKAY)                                          { goto error; }
-   if ((err = mp_shrink(&key->y)) != MP_OKAY)                                          { goto error; }
-
 #ifdef LTC_CLEAN_STACK
    zeromem(buf, MDSA_DELTA);
 #endif
@@ -129,12 +123,9 @@ int dsa_make_key(prng_state *prng, int wprng, int group_size, int modulus_size,
    err = CRYPT_OK;
    goto done;
 error: 
-    err = mpi_to_ltc_error(err);
-LBL_ERR: 
-    mp_clear_multi(&key->g, &key->q, &key->p, &key->x, &key->y, NULL);
+    mp_clear_multi(key->g, key->q, key->p, key->x, key->y, NULL);
 done: 
-    mp_clear_multi(&tmp, &tmp2, NULL);
-
+    mp_clear_multi(tmp, tmp2, NULL);
     XFREE(buf);
     return err;
 }
@@ -142,5 +133,5 @@ done:
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_make_key.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/11 05:45:35 $ */
+/* $Revision: 1.10 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_shared_secret.c b/libtomcrypt/src/pk/dsa/dsa_shared_secret.c
new file mode 100644
index 0000000..570d637
--- /dev/null
+++ b/libtomcrypt/src/pk/dsa/dsa_shared_secret.c
@@ -0,0 +1,72 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file dsa_shared_secret.c
+  DSA Crypto, Tom St Denis
+*/  
+
+#ifdef MDSA
+
+/**
+  Create a DSA shared secret between two keys
+  @param private_key      The private DSA key (the exponent)
+  @param base             The base of the exponentiation (allows this to be used for both encrypt and decrypt) 
+  @param public_key       The public key
+  @param out              [out] Destination of the shared secret
+  @param outlen           [in/out] The max size and resulting size of the shared secret
+  @return CRYPT_OK if successful
+*/
+int dsa_shared_secret(void          *private_key, void *base,
+                      dsa_key       *public_key,
+                      unsigned char *out,         unsigned long *outlen)
+{
+   unsigned long  x;
+   void          *res;
+   int            err;
+
+   LTC_ARGCHK(private_key != NULL);
+   LTC_ARGCHK(public_key  != NULL);
+   LTC_ARGCHK(out         != NULL);
+   LTC_ARGCHK(outlen      != NULL);
+
+   /* make new point */
+   if ((err = mp_init(&res)) != CRYPT_OK) {
+      return err;
+   }
+
+   if ((err = mp_exptmod(base, private_key, public_key->p, res)) != CRYPT_OK) {
+      mp_clear(res);
+      return err;
+   }
+   
+   x = (unsigned long)mp_unsigned_bin_size(res);
+   if (*outlen < x) {
+      *outlen = x;
+      err = CRYPT_BUFFER_OVERFLOW;
+      goto done;
+   }
+   zeromem(out, x);
+   if ((err = mp_to_unsigned_bin(res, out + (x - mp_unsigned_bin_size(res))))   != CRYPT_OK)          { goto done; }
+
+   err     = CRYPT_OK;
+   *outlen = x;
+done:
+   mp_clear(res);
+   return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_shared_secret.c,v $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
+
diff --git a/libtomcrypt/src/pk/dsa/dsa_sign_hash.c b/libtomcrypt/src/pk/dsa/dsa_sign_hash.c
index 48d29a2..f84dd28 100644
--- a/libtomcrypt/src/pk/dsa/dsa_sign_hash.c
+++ b/libtomcrypt/src/pk/dsa/dsa_sign_hash.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -29,10 +29,10 @@
   @return CRYPT_OK if successful
 */
 int dsa_sign_hash_raw(const unsigned char *in,  unsigned long inlen,
-                                   mp_int *r,   mp_int *s,
+                                   void   *r,   void *s,
                                prng_state *prng, int wprng, dsa_key *key)
 {
-   mp_int         k, kinv, tmp;
+   void         *k, *kinv, *tmp;
    unsigned char *buf;
    int            err;
 
@@ -59,7 +59,7 @@ int dsa_sign_hash_raw(const unsigned char *in,  unsigned long inlen,
    }
 
    /* Init our temps */
-   if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != MP_OKAY)               { goto error; }
+   if ((err = mp_init_multi(&k, &kinv, &tmp, NULL)) != CRYPT_OK)                       { goto ERRBUF; }
 
 retry:
 
@@ -67,43 +67,40 @@ retry:
       /* gen random k */
       if (prng_descriptor[wprng].read(buf, key->qord, prng) != (unsigned long)key->qord) {
          err = CRYPT_ERROR_READPRNG;
-         goto LBL_ERR;
+         goto error;
       }
 
       /* read k */
-      if ((err = mp_read_unsigned_bin(&k, buf, key->qord)) != MP_OKAY)                { goto error; }
+      if ((err = mp_read_unsigned_bin(k, buf, key->qord)) != CRYPT_OK)                 { goto error; }
 
       /* k > 1 ? */
-      if (mp_cmp_d(&k, 1) != MP_GT)                                                   { goto retry; }
+      if (mp_cmp_d(k, 1) != LTC_MP_GT)                                                 { goto retry; }
 
       /* test gcd */
-      if ((err = mp_gcd(&k, &key->q, &tmp)) != MP_OKAY)                               { goto error; }
-   } while (mp_cmp_d(&tmp, 1) != MP_EQ);
+      if ((err = mp_gcd(k, key->q, tmp)) != CRYPT_OK)                                  { goto error; }
+   } while (mp_cmp_d(tmp, 1) != LTC_MP_EQ);
 
    /* now find 1/k mod q */
-   if ((err = mp_invmod(&k, &key->q, &kinv)) != MP_OKAY)                              { goto error; }
+   if ((err = mp_invmod(k, key->q, kinv)) != CRYPT_OK)                                 { goto error; }
 
    /* now find r = g^k mod p mod q */
-   if ((err = mp_exptmod(&key->g, &k, &key->p, r)) != MP_OKAY)                        { goto error; }
-   if ((err = mp_mod(r, &key->q, r)) != MP_OKAY)                                      { goto error; }
+   if ((err = mp_exptmod(key->g, k, key->p, r)) != CRYPT_OK)                           { goto error; }
+   if ((err = mp_mod(r, key->q, r)) != CRYPT_OK)                                       { goto error; }
 
-   if (mp_iszero(r) == MP_YES)                                                        { goto retry; }
+   if (mp_iszero(r) == LTC_MP_YES)                                                     { goto retry; }
 
    /* now find s = (in + xr)/k mod q */
-   if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, inlen)) != MP_OKAY)     { goto error; }
-   if ((err = mp_mul(&key->x, r, s)) != MP_OKAY)                                      { goto error; }
-   if ((err = mp_add(s, &tmp, s)) != MP_OKAY)                                         { goto error; }
-   if ((err = mp_mulmod(s, &kinv, &key->q, s)) != MP_OKAY)                            { goto error; }
+   if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, inlen)) != CRYPT_OK)      { goto error; }
+   if ((err = mp_mul(key->x, r, s)) != CRYPT_OK)                                       { goto error; }
+   if ((err = mp_add(s, tmp, s)) != CRYPT_OK)                                          { goto error; }
+   if ((err = mp_mulmod(s, kinv, key->q, s)) != CRYPT_OK)                              { goto error; }
 
-   if (mp_iszero(s) == MP_YES)                                                        { goto retry; }
+   if (mp_iszero(s) == LTC_MP_YES)                                                     { goto retry; }
 
    err = CRYPT_OK;
-   goto LBL_ERR;
-
 error: 
-   err = mpi_to_ltc_error(err);
-LBL_ERR: 
-   mp_clear_multi(&k, &kinv, &tmp, NULL);
+   mp_clear_multi(k, kinv, tmp, NULL);
+ERRBUF:
 #ifdef LTC_CLEAN_STACK
    zeromem(buf, MDSA_MAX_GROUP);
 #endif
@@ -126,7 +123,7 @@ int dsa_sign_hash(const unsigned char *in,  unsigned long inlen,
                         unsigned char *out, unsigned long *outlen,
                         prng_state *prng, int wprng, dsa_key *key)
 {
-   mp_int        r, s;
+   void         *r, *s;
    int           err;
 
    LTC_ARGCHK(in      != NULL);
@@ -134,26 +131,26 @@ int dsa_sign_hash(const unsigned char *in,  unsigned long inlen,
    LTC_ARGCHK(outlen  != NULL);
    LTC_ARGCHK(key     != NULL);
 
-   if (mp_init_multi(&r, &s, NULL) != MP_OKAY) {
+   if (mp_init_multi(&r, &s, NULL) != CRYPT_OK) {
       return CRYPT_MEM;
    }
 
-   if ((err = dsa_sign_hash_raw(in, inlen, &r, &s, prng, wprng, key)) != CRYPT_OK) {
-      goto LBL_ERR;
+   if ((err = dsa_sign_hash_raw(in, inlen, r, s, prng, wprng, key)) != CRYPT_OK) {
+      goto error;
    }
 
    err = der_encode_sequence_multi(out, outlen, 
-                             LTC_ASN1_INTEGER, 1UL, &r, 
-                             LTC_ASN1_INTEGER, 1UL, &s, 
+                             LTC_ASN1_INTEGER, 1UL, r, 
+                             LTC_ASN1_INTEGER, 1UL, s, 
                              LTC_ASN1_EOL,     0UL, NULL);
 
-LBL_ERR:
-   mp_clear_multi(&r, &s, NULL);
+error:
+   mp_clear_multi(r, s, NULL);
    return err;
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_sign_hash.c,v $ */
-/* $Revision: 1.6 $ */
-/* $Date: 2005/05/15 21:48:59 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/12/04 22:27:56 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_verify_hash.c b/libtomcrypt/src/pk/dsa/dsa_verify_hash.c
index 11e5c33..0e8ff22 100644
--- a/libtomcrypt/src/pk/dsa/dsa_verify_hash.c
+++ b/libtomcrypt/src/pk/dsa/dsa_verify_hash.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -28,11 +28,11 @@
   @param key      The corresponding public DH key
   @return CRYPT_OK if successful (even if the signature is invalid)
 */
-int dsa_verify_hash_raw(         mp_int *r,          mp_int *s,
+int dsa_verify_hash_raw(         void   *r,          void   *s,
                     const unsigned char *hash, unsigned long hashlen, 
                                     int *stat,      dsa_key *key)
 {
-   mp_int        w, v, u1, u2;
+   void          *w, *v, *u1, *u2;
    int           err;
 
    LTC_ARGCHK(r    != NULL);
@@ -44,42 +44,40 @@ int dsa_verify_hash_raw(         mp_int *r,          mp_int *s,
    *stat = 0;
 
    /* init our variables */
-   if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
+   if ((err = mp_init_multi(&w, &v, &u1, &u2, NULL)) != CRYPT_OK) {
+      return err;
    }
 
    /* neither r or s can be null or >q*/
-   if (mp_iszero(r) == MP_YES || mp_iszero(s) == MP_YES || mp_cmp(r, &key->q) != MP_LT || mp_cmp(s, &key->q) != MP_LT) {
+   if (mp_iszero(r) == LTC_MP_YES || mp_iszero(s) == LTC_MP_YES || mp_cmp(r, key->q) != LTC_MP_LT || mp_cmp(s, key->q) != LTC_MP_LT) {
       err = CRYPT_INVALID_PACKET;
-      goto done;
+      goto error;
    }
    
    /* w = 1/s mod q */
-   if ((err = mp_invmod(s, &key->q, &w)) != MP_OKAY)                                      { goto error; }
+   if ((err = mp_invmod(s, key->q, w)) != CRYPT_OK)                                       { goto error; }
 
    /* u1 = m * w mod q */
-   if ((err = mp_read_unsigned_bin(&u1, (unsigned char *)hash, hashlen)) != MP_OKAY)       { goto error; }
-   if ((err = mp_mulmod(&u1, &w, &key->q, &u1)) != MP_OKAY)                                { goto error; }
+   if ((err = mp_read_unsigned_bin(u1, (unsigned char *)hash, hashlen)) != CRYPT_OK)      { goto error; }
+   if ((err = mp_mulmod(u1, w, key->q, u1)) != CRYPT_OK)                                  { goto error; }
 
    /* u2 = r*w mod q */
-   if ((err = mp_mulmod(r, &w, &key->q, &u2)) != MP_OKAY)                                 { goto error; } 
+   if ((err = mp_mulmod(r, w, key->q, u2)) != CRYPT_OK)                                   { goto error; } 
 
    /* v = g^u1 * y^u2 mod p mod q */
-   if ((err = mp_exptmod(&key->g, &u1, &key->p, &u1)) != MP_OKAY)                          { goto error; }
-   if ((err = mp_exptmod(&key->y, &u2, &key->p, &u2)) != MP_OKAY)                          { goto error; }
-   if ((err = mp_mulmod(&u1, &u2, &key->p, &v)) != MP_OKAY)                                { goto error; }
-   if ((err = mp_mod(&v, &key->q, &v)) != MP_OKAY)                                         { goto error; }
+   if ((err = mp_exptmod(key->g, u1, key->p, u1)) != CRYPT_OK)                            { goto error; }
+   if ((err = mp_exptmod(key->y, u2, key->p, u2)) != CRYPT_OK)                            { goto error; }
+   if ((err = mp_mulmod(u1, u2, key->p, v)) != CRYPT_OK)                                  { goto error; }
+   if ((err = mp_mod(v, key->q, v)) != CRYPT_OK)                                          { goto error; }
 
    /* if r = v then we're set */
-   if (mp_cmp(r, &v) == MP_EQ) {
+   if (mp_cmp(r, v) == LTC_MP_EQ) {
       *stat = 1;
    }
 
    err = CRYPT_OK;
-   goto done;
-
-error : err = mpi_to_ltc_error(err);
-done  : mp_clear_multi(&w, &v, &u1, &u2, NULL);
+error:
+   mp_clear_multi(w, v, u1, u2, NULL);
    return err;
 }
 
@@ -98,7 +96,7 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
                     int *stat, dsa_key *key)
 {
    int    err;
-   mp_int r, s;
+   void   *r, *s;
 
    if ((err = mp_init_multi(&r, &s, NULL)) != CRYPT_OK) {
       return CRYPT_MEM;
@@ -106,17 +104,17 @@ int dsa_verify_hash(const unsigned char *sig, unsigned long siglen,
 
    /* decode the sequence */
    if ((err = der_decode_sequence_multi(sig, siglen,
-                                  LTC_ASN1_INTEGER, 1UL, &r, 
-                                  LTC_ASN1_INTEGER, 1UL, &s, 
+                                  LTC_ASN1_INTEGER, 1UL, r, 
+                                  LTC_ASN1_INTEGER, 1UL, s, 
                                   LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
    /* do the op */
-   err = dsa_verify_hash_raw(&r, &s, hash, hashlen, stat, key);
+   err = dsa_verify_hash_raw(r, s, hash, hashlen, stat, key);
 
 LBL_ERR:
-   mp_clear_multi(&r, &s, NULL);
+   mp_clear_multi(r, s, NULL);
    return err;
 }
 
@@ -124,5 +122,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_hash.c,v $ */
-/* $Revision: 1.8 $ */
-/* $Date: 2005/05/15 21:48:59 $ */
+/* $Revision: 1.13 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
diff --git a/libtomcrypt/src/pk/dsa/dsa_verify_key.c b/libtomcrypt/src/pk/dsa/dsa_verify_key.c
index b7be103..27054d6 100644
--- a/libtomcrypt/src/pk/dsa/dsa_verify_key.c
+++ b/libtomcrypt/src/pk/dsa/dsa_verify_key.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -25,7 +25,7 @@
 */
 int dsa_verify_key(dsa_key *key, int *stat)
 {
-   mp_int tmp, tmp2;
+   void   *tmp, *tmp2;
    int    res, err;
 
    LTC_ARGCHK(key  != NULL);
@@ -35,15 +35,14 @@ int dsa_verify_key(dsa_key *key, int *stat)
    *stat = 0;
 
    /* first make sure key->q and key->p are prime */
-   if ((err = is_prime(&key->q, &res)) != CRYPT_OK) {
+   if ((err = mp_prime_is_prime(key->q, 8, &res)) != CRYPT_OK) {
       return err;
    }
    if (res == 0) {
       return CRYPT_OK;
    }
 
-
-   if ((err = is_prime(&key->p, &res)) != CRYPT_OK) {
+   if ((err = mp_prime_is_prime(key->p, 8, &res)) != CRYPT_OK) {
       return err;
    }
    if (res == 0) {
@@ -51,52 +50,51 @@ int dsa_verify_key(dsa_key *key, int *stat)
    }
 
    /* now make sure that g is not -1, 0 or 1 and <p */
-   if (mp_cmp_d(&key->g, 0) == MP_EQ || mp_cmp_d(&key->g, 1) == MP_EQ) {
+   if (mp_cmp_d(key->g, 0) == LTC_MP_EQ || mp_cmp_d(key->g, 1) == LTC_MP_EQ) {
       return CRYPT_OK;
    }
-   if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != MP_OKAY)               { goto error; }
-   if ((err = mp_sub_d(&key->p, 1, &tmp)) != MP_OKAY)                     { goto error; }
-   if (mp_cmp(&tmp, &key->g) == MP_EQ || mp_cmp(&key->g, &key->p) != MP_LT) {
+   if ((err = mp_init_multi(&tmp, &tmp2, NULL)) != CRYPT_OK)               { return err; }
+   if ((err = mp_sub_d(key->p, 1, tmp)) != CRYPT_OK)                       { goto error; }
+   if (mp_cmp(tmp, key->g) == LTC_MP_EQ || mp_cmp(key->g, key->p) != LTC_MP_LT) {
       err = CRYPT_OK;
-      goto done;
+      goto error;
    }
 
    /* 1 < y < p-1 */
-   if (!(mp_cmp_d(&key->y, 1) == MP_GT && mp_cmp(&key->y, &tmp) == MP_LT)) {
+   if (!(mp_cmp_d(key->y, 1) == LTC_MP_GT && mp_cmp(key->y, tmp) == LTC_MP_LT)) {
       err = CRYPT_OK;
-      goto done;
+      goto error;
    }
 
    /* now we have to make sure that g^q = 1, and that p-1/q gives 0 remainder */
-   if ((err = mp_div(&tmp, &key->q, &tmp, &tmp2)) != MP_OKAY)             { goto error; }
-   if (mp_iszero(&tmp2) != MP_YES) {
+   if ((err = mp_div(tmp, key->q, tmp, tmp2)) != CRYPT_OK)             { goto error; }
+   if (mp_iszero(tmp2) != LTC_MP_YES) {
       err = CRYPT_OK;
-      goto done;
+      goto error;
    }
 
-   if ((err = mp_exptmod(&key->g, &key->q, &key->p, &tmp)) != MP_OKAY)    { goto error; }
-   if (mp_cmp_d(&tmp, 1) != MP_EQ) {
+   if ((err = mp_exptmod(key->g, key->q, key->p, tmp)) != CRYPT_OK)    { goto error; }
+   if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
       err = CRYPT_OK;
-      goto done;
+      goto error;
    }
 
    /* now we have to make sure that y^q = 1, this makes sure y \in g^x mod p */
-   if ((err = mp_exptmod(&key->y, &key->q, &key->p, &tmp)) != MP_OKAY)       { goto error; }
-   if (mp_cmp_d(&tmp, 1) != MP_EQ) {
+   if ((err = mp_exptmod(key->y, key->q, key->p, tmp)) != CRYPT_OK)       { goto error; }
+   if (mp_cmp_d(tmp, 1) != LTC_MP_EQ) {
       err = CRYPT_OK;
-      goto done;
+      goto error;
    }
 
    /* at this point we are out of tests ;-( */
    err   = CRYPT_OK;
    *stat = 1;
-   goto done;
-error: err = mpi_to_ltc_error(err);
-done : mp_clear_multi(&tmp, &tmp2, NULL);
+error: 
+   mp_clear_multi(tmp, tmp2, NULL);
    return err;
 }
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/dsa/dsa_verify_key.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/12/04 03:18:43 $ */
diff --git a/libtomcrypt/src/pk/ecc/ecc.c b/libtomcrypt/src/pk/ecc/ecc.c
index 469d56d..90bbed4 100644
--- a/libtomcrypt/src/pk/ecc/ecc.c
+++ b/libtomcrypt/src/pk/ecc/ecc.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 
 /* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
@@ -23,125 +23,94 @@
 
 #ifdef MECC
 
-/* size of our temp buffers for exported keys */
-#define ECC_BUF_SIZE 256
-
-/* max private key size */
-#define ECC_MAXSIZE  66
-
 /* This holds the key settings.  ***MUST*** be organized by size from smallest to largest. */
-static const struct {
-   int size;
-   char *name, *prime, *B, *order, *Gx, *Gy;
-} sets[] = {
+const ltc_ecc_set_type ltc_ecc_sets[] = {
+#ifdef ECC112
+{
+        14,
+        "SECP112R1",
+        "DB7C2ABF62E35E668076BEAD208B",
+        "659EF8BA043916EEDE8911702B22",
+        "DB7C2ABF62E35E7628DFAC6561C5",
+        "09487239995A5EE76B55F9C2F098",
+        "A89CE5AF8724C0A23E0E0FF77500"
+},
+#endif
+#ifdef ECC128
+{
+        16,
+        "SECP128R1",
+        "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",
+        "E87579C11079F43DD824993C2CEE5ED3",
+        "FFFFFFFE0000000075A30D1B9038A115",
+        "161FF7528B899B2D0C28607CA52C5B86",
+        "CF5AC8395BAFEB13C02DA292DDED7A83",
+},
+#endif
+#ifdef ECC160
+{
+        20,
+        "SECP160R1",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",
+        "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",
+        "0100000000000000000001F4C8F927AED3CA752257",
+        "4A96B5688EF573284664698968C38BB913CBFC82",
+        "23A628553168947D59DCC912042351377AC5FB32",
+},
+#endif
 #ifdef ECC192
 {
-    24,
-   "ECC-192",
-   /* prime */
-   "/////////////////////l//////////",
-
-   /* B */
-   "P2456UMSWESFf+chSYGmIVwutkp1Hhcn",
-
-   /* order */
-   "////////////////cTxuDXHhoR6qqYWn",
-
-   /* Gx */
-   "68se3h0maFPylo3hGw680FJ/2ls2/n0I",
-
-   /* Gy */
-   "1nahbV/8sdXZ417jQoJDrNFvTw4UUKWH"
+        24,
+        "ECC-192",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",
+        "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",
+        "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",
+        "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",
+        "7192B95FFC8DA78631011ED6B24CDD573F977A11E794811",
 },
 #endif
 #ifdef ECC224
 {
-   28,
-   "ECC-224",
-
-   /* prime */
-   "3/////////////////////0000000000000001",
-
-   /* B */
-   "2q1Gg530Ipg/L1CbPGHB2trx/OkYSBEKCZLV+q",
-
-   /* order */
-   "3//////////////////nQYuBZmFXFTAKLSN2ez",
-
-   /* Gx */
-   "2t3WozQxI/Vp8JaBbA0y7JLi8H8ZGoWDOHN1qX",
-
-
-   /* Gy */
-   "2zDsE8jVSZ+qmYt+RDGtMWMWT7P4JLWPc507uq",
+        28,
+        "ECC-224",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",
+        "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",
+        "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",
+        "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",
 },
 #endif
 #ifdef ECC256
 {
-   32,
-   "ECC-256",
-   /* Prime */
-   "F////y000010000000000000000////////////////",
-
-   /* B */
-   "5h6DTYgEfFdi+kzLNQOXhnb7GQmp5EmzZlEF3udqc1B",
-
-   /* Order */
-   "F////y00000//////////+yvlgjfnUUXFEvoiByOoLH",
-
-   /* Gx */
-   "6iNqVBXB497+BpcvMEaGF9t0ts1BUipeFIXEKNOcCAM",
-
-   /* Gy */
-   "4/ZGkB+6d+RZkVhIdmFdXOhpZDNQp5UpiksG6Wtlr7r"
+        32,
+        "ECC-256",
+        "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",
+        "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",
+        "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",
+        "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",
+        "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",
 },
 #endif
 #ifdef ECC384
 {
-   48,
-   "ECC-384",
-   /* prime */
-   "//////////////////////////////////////////x/////00000000003/"
-   "////",
-
-   /* B */
-   "ip4lf+8+v+IOZWLhu/Wj6HWTd6x+WK4I0nG8Zr0JXrh6LZcDYYxHdIg5oEtJ"
-   "x2hl",
-
-   /* Order */
-   "////////////////////////////////nsDDWVGtBTzO6WsoIB2dUkpi6MhC"
-   "nIbp",
-
-   /* Gx and Gy */
-   "geVA8hwB1JUEiSSUyo2jT6uTEsABfvkOMVT1u89KAZXL0l9TlrKfR3fKNZXo"
-   "TWgt",
-
-   "DXVUIfOcB6zTdfY/afBSAVZq7RqecXHywTen4xNmkC0AOB7E7Nw1dNf37NoG"
-   "wWvV"
+        48,
+        "ECC-384",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",
+        "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",
+        "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",
+        "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",
+        "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F",
 },
 #endif
 #ifdef ECC521
 {
-   65,
-   "ECC-521",
-   /* prime */
-   "V///////////////////////////////////////////////////////////"
-   "///////////////////////////",
-
-   /* B */
-   "56LFhbXZXoQ7vAQ8Q2sXK3kejfoMvcp5VEuj8cHZl49uLOPEL7iVfDx5bB0l"
-   "JknlmSrSz+8FImqyUz57zHhK3y0",
-
-   /* Order */
-   "V//////////////////////////////////////////+b66XuE/BvPhVym1I"
-   "FS9fT0xjScuYPn7hhjljnwHE6G9",
-
-   /* Gx and Gy */
-   "CQ5ZWQt10JfpPu+osOZbRH2d6I1EGK/jI7uAAzWQqqzkg5BNdVlvrae/Xt19"
-   "wB/gDupIBF1XMf2c/b+VZ72vRrc",
-
-   "HWvAMfucZl015oANxGiVHlPcFL4ILURH6WNhxqN9pvcB9VkSfbUz2P0nL2v0"
-   "J+j1s4rF726edB2G8Y+b7QVqMPG",
+        66,
+        "ECC-521",
+        "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",
+        "51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",
+        "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",
+        "C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",
+        "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650",
 },
 #endif
 {
@@ -150,887 +119,9 @@ static const struct {
 }
 };
 
-static int is_valid_idx(int n)
-{
-   int x;
-
-   for (x = 0; sets[x].size != 0; x++);
-   if ((n < 0) || (n >= x)) {
-      return 0;
-   }
-   return 1;
-}
-
-static ecc_point *new_point(void)
-{
-   ecc_point *p;
-   p = XMALLOC(sizeof(ecc_point));
-   if (p == NULL) {
-      return NULL;
-   }
-   if (mp_init_multi(&p->x, &p->y, &p->z, NULL) != MP_OKAY) {
-      XFREE(p);
-      return NULL;
-   }
-   return p;
-}
-
-static void del_point(ecc_point *p)
-{
-   /* prevents free'ing null arguments */
-   if (p != NULL) {
-      mp_clear_multi(&p->x, &p->y, &p->z, NULL);
-      XFREE(p);
-   }
-}
-
-static int ecc_map(ecc_point *P, mp_int *modulus, mp_digit mp)
-{
-   mp_int t1, t2;
-   int err;
-
-   if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) {
-      return CRYPT_MEM;
-   }
-
-   /* first map z back to normal */
-   if ((err = mp_montgomery_reduce(&P->z, modulus, mp)) != MP_OKAY)           { goto error; }
-
-   /* get 1/z */
-   if ((err = mp_invmod(&P->z, modulus, &t1)) != MP_OKAY)                     { goto error; }
- 
-   /* get 1/z^2 and 1/z^3 */
-   if ((err = mp_sqr(&t1, &t2)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_mod(&t2, modulus, &t2)) != MP_OKAY)                          { goto error; }
-   if ((err = mp_mul(&t1, &t2, &t1)) != MP_OKAY)                              { goto error; }
-   if ((err = mp_mod(&t1, modulus, &t1)) != MP_OKAY)                          { goto error; }
-
-   /* multiply against x/y */
-   if ((err = mp_mul(&P->x, &t2, &P->x)) != MP_OKAY)                          { goto error; }
-   if ((err = mp_montgomery_reduce(&P->x, modulus, mp)) != MP_OKAY)           { goto error; }
-   if ((err = mp_mul(&P->y, &t1, &P->y)) != MP_OKAY)                          { goto error; }
-   if ((err = mp_montgomery_reduce(&P->y, modulus, mp)) != MP_OKAY)           { goto error; }
-   mp_set(&P->z, 1);
-
-   err = CRYPT_OK;
-   goto done;
-error:
-   err = mpi_to_ltc_error(err);
-done:
-   mp_clear_multi(&t1, &t2, NULL);
-   return err;
-
-}
-
-/* double a point R = 2P, R can be P*/
-static int dbl_point(ecc_point *P, ecc_point *R, mp_int *modulus, mp_digit mp)
-{
-   mp_int t1, t2;
-   int err;
-
-   if ((err = mp_init_multi(&t1, &t2, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
-   }
-
-   if ((err = mp_copy(&P->x, &R->x)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_copy(&P->y, &R->y)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_copy(&P->z, &R->z)) != MP_OKAY)                                   { goto error; }
-
-   /* t1 = Z * Z */
-   if ((err = mp_sqr(&R->z, &t1)) != MP_OKAY)                                      { goto error; }
-   if ((err = mp_montgomery_reduce(&t1, modulus, mp)) != MP_OKAY)                  { goto error; }
-   /* Z = Y * Z */
-   if ((err = mp_mul(&R->z, &R->y, &R->z)) != MP_OKAY)                             { goto error; }
-   if ((err = mp_montgomery_reduce(&R->z, modulus, mp)) != MP_OKAY)                { goto error; }
-   /* Z = 2Z */
-   if ((err = mp_mul_2(&R->z, &R->z)) != MP_OKAY)                                  { goto error; }
-   if (mp_cmp(&R->z, modulus) != MP_LT) {
-      if ((err = mp_sub(&R->z, modulus, &R->z)) != MP_OKAY)                        { goto error; }
-   }
-
-   /* T2 = X - T1 */
-   if ((err = mp_sub(&R->x, &t1, &t2)) != MP_OKAY)                                 { goto error; }
-   if (mp_cmp_d(&t2, 0) == MP_LT) {
-      if ((err = mp_add(&t2, modulus, &t2)) != MP_OKAY)                            { goto error; }
-   }
-   /* T1 = X + T1 */
-   if ((err = mp_add(&t1, &R->x, &t1)) != MP_OKAY)                                 { goto error; }
-   if (mp_cmp(&t1, modulus) != MP_LT) {
-      if ((err = mp_sub(&t1, modulus, &t1)) != MP_OKAY)                            { goto error; }
-   }
-   /* T2 = T1 * T2 */
-   if ((err = mp_mul(&t1, &t2, &t2)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_montgomery_reduce(&t2, modulus, mp)) != MP_OKAY)                  { goto error; }
-   /* T1 = 2T2 */
-   if ((err = mp_mul_2(&t2, &t1)) != MP_OKAY)                                      { goto error; }
-   if (mp_cmp(&t1, modulus) != MP_LT) {
-      if ((err = mp_sub(&t1, modulus, &t1)) != MP_OKAY)                            { goto error; }
-   }
-   /* T1 = T1 + T2 */
-   if ((err = mp_add(&t1, &t2, &t1)) != MP_OKAY)                                   { goto error; }
-   if (mp_cmp(&t1, modulus) != MP_LT) {
-      if ((err = mp_sub(&t1, modulus, &t1)) != MP_OKAY)                            { goto error; }
-   }
-
-   /* Y = 2Y */
-   if ((err = mp_mul_2(&R->y, &R->y)) != MP_OKAY)                                  { goto error; }
-   if (mp_cmp(&R->y, modulus) != MP_LT) {
-      if ((err = mp_sub(&R->y, modulus, &R->y)) != MP_OKAY)                        { goto error; }
-   }
-   /* Y = Y * Y */
-   if ((err = mp_sqr(&R->y, &R->y)) != MP_OKAY)                                    { goto error; }
-   if ((err = mp_montgomery_reduce(&R->y, modulus, mp)) != MP_OKAY)                { goto error; }
-   /* T2 = Y * Y */
-   if ((err = mp_sqr(&R->y, &t2)) != MP_OKAY)                                      { goto error; }
-   if ((err = mp_montgomery_reduce(&t2, modulus, mp)) != MP_OKAY)                  { goto error; }
-   /* T2 = T2/2 */
-   if (mp_isodd(&t2)) {
-      if ((err = mp_add(&t2, modulus, &t2)) != MP_OKAY)                            { goto error; }
-   }
-   if ((err = mp_div_2(&t2, &t2)) != MP_OKAY)                                      { goto error; }
-   /* Y = Y * X */
-   if ((err = mp_mul(&R->y, &R->x, &R->y)) != MP_OKAY)                             { goto error; }
-   if ((err = mp_montgomery_reduce(&R->y, modulus, mp)) != MP_OKAY)                { goto error; }
-
-   /* X  = T1 * T1 */
-   if ((err = mp_sqr(&t1, &R->x)) != MP_OKAY)                                      { goto error; }
-   if ((err = mp_montgomery_reduce(&R->x, modulus, mp)) != MP_OKAY)                { goto error; }
-   /* X = X - Y */
-   if ((err = mp_sub(&R->x, &R->y, &R->x)) != MP_OKAY)                             { goto error; }
-   if (mp_cmp_d(&R->x, 0) == MP_LT) {
-      if ((err = mp_add(&R->x, modulus, &R->x)) != MP_OKAY)                        { goto error; }
-   }
-   /* X = X - Y */
-   if ((err = mp_sub(&R->x, &R->y, &R->x)) != MP_OKAY)                             { goto error; }
-   if (mp_cmp_d(&R->x, 0) == MP_LT) {
-      if ((err = mp_add(&R->x, modulus, &R->x)) != MP_OKAY)                        { goto error; }
-   }
-
-   /* Y = Y - X */     
-   if ((err = mp_sub(&R->y, &R->x, &R->y)) != MP_OKAY)                             { goto error; }
-   if (mp_cmp_d(&R->y, 0) == MP_LT) {
-      if ((err = mp_add(&R->y, modulus, &R->y)) != MP_OKAY)                        { goto error; }
-   }
-   /* Y = Y * T1 */
-   if ((err = mp_mul(&R->y, &t1, &R->y)) != MP_OKAY)                               { goto error; }
-   if ((err = mp_montgomery_reduce(&R->y, modulus, mp)) != MP_OKAY)                { goto error; }
-   /* Y = Y - T2 */
-   if ((err = mp_sub(&R->y, &t2, &R->y)) != MP_OKAY)                               { goto error; }
-   if (mp_cmp_d(&R->y, 0) == MP_LT) {
-      if ((err = mp_add(&R->y, modulus, &R->y)) != MP_OKAY)                        { goto error; }
-   }
- 
-   err = CRYPT_OK;
-   goto done;
-error:
-   err = mpi_to_ltc_error(err);
-done:
-   mp_clear_multi(&t1, &t2, NULL);
-   return err;
-}
-
-/* add two different points over Z/pZ, R = P + Q, note R can equal either P or Q */
-static int add_point(ecc_point *P, ecc_point *Q, ecc_point *R, mp_int *modulus, mp_digit mp)
-{
-   mp_int t1, t2, x, y, z;
-   int err;
-
-   if ((err = mp_init_multi(&t1, &t2, &x, &y, &z, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
-   }
-
-   if ((err = mp_copy(&P->x, &x)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_copy(&P->y, &y)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_copy(&P->z, &z)) != MP_OKAY)                                   { goto error; }
-
-      /* T1 = Z' * Z' */
-      if ((err = mp_sqr(&Q->z, &t1)) != MP_OKAY)                                { goto error; }
-      if ((err = mp_montgomery_reduce(&t1, modulus, mp)) != MP_OKAY)            { goto error; }
-      /* X = X * T1 */
-      if ((err = mp_mul(&t1, &x, &x)) != MP_OKAY)                               { goto error; }
-      if ((err = mp_montgomery_reduce(&x, modulus, mp)) != MP_OKAY)             { goto error; }
-      /* T1 = Z' * T1 */
-      if ((err = mp_mul(&Q->z, &t1, &t1)) != MP_OKAY)                           { goto error; }
-      if ((err = mp_montgomery_reduce(&t1, modulus, mp)) != MP_OKAY)            { goto error; }
-      /* Y = Y * T1 */
-      if ((err = mp_mul(&t1, &y, &y)) != MP_OKAY)                               { goto error; }
-      if ((err = mp_montgomery_reduce(&y, modulus, mp)) != MP_OKAY)             { goto error; }
-
-   /* T1 = Z*Z */
-   if ((err = mp_sqr(&z, &t1)) != MP_OKAY)                                      { goto error; }
-   if ((err = mp_montgomery_reduce(&t1, modulus, mp)) != MP_OKAY)               { goto error; }
-   /* T2 = X' * T1 */
-   if ((err = mp_mul(&Q->x, &t1, &t2)) != MP_OKAY)                              { goto error; }
-   if ((err = mp_montgomery_reduce(&t2, modulus, mp)) != MP_OKAY)               { goto error; }
-   /* T1 = Z * T1 */
-   if ((err = mp_mul(&z, &t1, &t1)) != MP_OKAY)                                 { goto error; }
-   if ((err = mp_montgomery_reduce(&t1, modulus, mp)) != MP_OKAY)               { goto error; }
-   /* T1 = Y' * T1 */
-   if ((err = mp_mul(&Q->y, &t1, &t1)) != MP_OKAY)                              { goto error; }
-   if ((err = mp_montgomery_reduce(&t1, modulus, mp)) != MP_OKAY)               { goto error; }
-
-   /* Y = Y - T1 */
-   if ((err = mp_sub(&y, &t1, &y)) != MP_OKAY)                                  { goto error; }
-   if (mp_cmp_d(&y, 0) == MP_LT) {
-      if ((err = mp_add(&y, modulus, &y)) != MP_OKAY)                           { goto error; }
-   }
-   /* T1 = 2T1 */
-   if ((err = mp_mul_2(&t1, &t1)) != MP_OKAY)                                   { goto error; }
-   if (mp_cmp(&t1, modulus) != MP_LT) {
-      if ((err = mp_sub(&t1, modulus, &t1)) != MP_OKAY)                         { goto error; }
-   }
-   /* T1 = Y + T1 */
-   if ((err = mp_add(&t1, &y, &t1)) != MP_OKAY)                                 { goto error; }
-   if (mp_cmp(&t1, modulus) != MP_LT) {
-      if ((err = mp_sub(&t1, modulus, &t1)) != MP_OKAY)                         { goto error; }
-   }
-   /* X = X - T2 */
-   if ((err = mp_sub(&x, &t2, &x)) != MP_OKAY)                                  { goto error; }
-   if (mp_cmp_d(&x, 0) == MP_LT) {
-      if ((err = mp_add(&x, modulus, &x)) != MP_OKAY)                           { goto error; }
-   }
-   /* T2 = 2T2 */
-   if ((err = mp_mul_2(&t2, &t2)) != MP_OKAY)                                   { goto error; }
-   if (mp_cmp(&t2, modulus) != MP_LT) {
-      if ((err = mp_sub(&t2, modulus, &t2)) != MP_OKAY)                         { goto error; }
-   }
-   /* T2 = X + T2 */
-   if ((err = mp_add(&t2, &x, &t2)) != MP_OKAY)                                 { goto error; }
-   if (mp_cmp(&t2, modulus) != MP_LT) {
-      if ((err = mp_sub(&t2, modulus, &t2)) != MP_OKAY)                         { goto error; }
-   }
-
-   /* if Z' != 1 */
-   if (mp_cmp_d(&Q->z, 1) != MP_EQ) {
-      /* Z = Z * Z' */
-      if ((err = mp_mul(&z, &Q->z, &z)) != MP_OKAY)                             { goto error; }
-      if ((err = mp_montgomery_reduce(&z, modulus, mp)) != MP_OKAY)             { goto error; }
-   }
-   /* Z = Z * X */
-   if ((err = mp_mul(&z, &x, &z)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_montgomery_reduce(&z, modulus, mp)) != MP_OKAY)                { goto error; }
-
-   /* T1 = T1 * X  */
-   if ((err = mp_mul(&t1, &x, &t1)) != MP_OKAY)                                 { goto error; }
-   if ((err = mp_montgomery_reduce(&t1, modulus, mp)) != MP_OKAY)               { goto error; }
-   /* X = X * X */
-   if ((err = mp_sqr(&x, &x)) != MP_OKAY)                                       { goto error; }
-   if ((err = mp_montgomery_reduce(&x, modulus, mp)) != MP_OKAY)                { goto error; }
-   /* T2 = T2 * x */
-   if ((err = mp_mul(&t2, &x, &t2)) != MP_OKAY)                                 { goto error; }
-   if ((err = mp_montgomery_reduce(&t2, modulus, mp)) != MP_OKAY)               { goto error; }
-   /* T1 = T1 * X  */
-   if ((err = mp_mul(&t1, &x, &t1)) != MP_OKAY)                                 { goto error; }
-   if ((err = mp_montgomery_reduce(&t1, modulus, mp)) != MP_OKAY)               { goto error; }
- 
-   /* X = Y*Y */
-   if ((err = mp_sqr(&y, &x)) != MP_OKAY)                                       { goto error; }
-   if ((err = mp_montgomery_reduce(&x, modulus, mp)) != MP_OKAY)                { goto error; }
-   /* X = X - T2 */
-   if ((err = mp_sub(&x, &t2, &x)) != MP_OKAY)                                  { goto error; }
-   if (mp_cmp_d(&x, 0) == MP_LT) {
-      if ((err = mp_add(&x, modulus, &x)) != MP_OKAY)                           { goto error; }
-   }
-
-   /* T2 = T2 - X */
-   if ((err = mp_sub(&t2, &x, &t2)) != MP_OKAY)                                 { goto error; }
-   if (mp_cmp_d(&t2, 0) == MP_LT) {
-      if ((err = mp_add(&t2, modulus, &t2)) != MP_OKAY)                         { goto error; }
-   } 
-   /* T2 = T2 - X */
-   if ((err = mp_sub(&t2, &x, &t2)) != MP_OKAY)                                 { goto error; }
-   if (mp_cmp_d(&t2, 0) == MP_LT) {
-      if ((err = mp_add(&t2, modulus, &t2)) != MP_OKAY)                         { goto error; }
-   }
-   /* T2 = T2 * Y */
-   if ((err = mp_mul(&t2, &y, &t2)) != MP_OKAY)                                 { goto error; }
-   if ((err = mp_montgomery_reduce(&t2, modulus, mp)) != MP_OKAY)               { goto error; }
-   /* Y = T2 - T1 */
-   if ((err = mp_sub(&t2, &t1, &y)) != MP_OKAY)                                 { goto error; }
-   if (mp_cmp_d(&y, 0) == MP_LT) {
-      if ((err = mp_add(&y, modulus, &y)) != MP_OKAY)                           { goto error; }
-   }
-   /* Y = Y/2 */
-   if (mp_isodd(&y)) {
-      if ((err = mp_add(&y, modulus, &y)) != MP_OKAY)                           { goto error; }
-   }
-   if ((err = mp_div_2(&y, &y)) != MP_OKAY)                                     { goto error; }
-
-   if ((err = mp_copy(&x, &R->x)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_copy(&y, &R->y)) != MP_OKAY)                                   { goto error; }
-   if ((err = mp_copy(&z, &R->z)) != MP_OKAY)                                   { goto error; }
-
-   err = CRYPT_OK;
-   goto done;
-error:
-   err = mpi_to_ltc_error(err);
-done:
-   mp_clear_multi(&t1, &t2, &x, &y, &z, NULL);
-   return err;
-}
-
-/* size of sliding window, don't change this! */
-#define WINSIZE 4
-
-/* perform R = kG where k == integer and G == ecc_point */
-static int ecc_mulmod(mp_int *k, ecc_point *G, ecc_point *R, mp_int *modulus, int map)
-{
-   ecc_point *tG, *M[8];
-   int        i, j, err;
-   mp_int     mu;
-   mp_digit   buf, mp;
-   int        first, bitbuf, bitcpy, bitcnt, mode, digidx;
-
-   /* init montgomery reduction */
-   if ((err = mp_montgomery_setup(modulus, &mp)) != MP_OKAY) {
-      return CRYPT_INVALID_ARG;
-   }
-   if ((err = mp_init(&mu)) != MP_OKAY) {
-      return CRYPT_MEM;
-   }
-   if ((err = mp_montgomery_calc_normalization(&mu, modulus)) != MP_OKAY) {
-      mp_clear(&mu);
-      return CRYPT_INVALID_ARG;
-   }
-
-  /* alloc ram for window temps */
-  for (i = 0; i < 8; i++) {
-      M[i] = new_point();
-      if (M[i] == NULL) {
-         for (j = 0; j < i; j++) {
-             del_point(M[j]);
-         }
-         mp_clear(&mu);
-         return CRYPT_MEM;
-      }
-  }
-
-   /* make a copy of G incase R==G */
-   tG = new_point();
-   if (tG == NULL)                                                            { err = CRYPT_MEM; goto done; }
-
-   /* tG = G  and convert to montgomery */
-   if ((err = mp_mulmod(&G->x, &mu, modulus, &tG->x)) != MP_OKAY)             { goto error; }
-   if ((err = mp_mulmod(&G->y, &mu, modulus, &tG->y)) != MP_OKAY)             { goto error; }
-   if ((err = mp_mulmod(&G->z, &mu, modulus, &tG->z)) != MP_OKAY)             { goto error; }
-   mp_clear(&mu);
-   
-   /* calc the M tab, which holds kG for k==8..15 */
-   /* M[0] == 8G */
-   if ((err = dbl_point(tG,   M[0], modulus, mp)) != CRYPT_OK)               { goto done; }
-   if ((err = dbl_point(M[0], M[0], modulus, mp)) != CRYPT_OK)               { goto done; }
-   if ((err = dbl_point(M[0], M[0], modulus, mp)) != CRYPT_OK)               { goto done; }
-
-   /* now find (8+k)G for k=1..7 */
-   for (j = 9; j < 16; j++) {
-       if ((err = add_point(M[j-9], tG, M[j-8], modulus, mp)) != CRYPT_OK)   { goto done; }
-   }
-
-   /* setup sliding window */
-   mode   = 0;
-   bitcnt = 1;
-   buf    = 0;
-   digidx = k->used - 1;
-   bitcpy = bitbuf = 0;
-   first  = 1;
-
-   /* perform ops */
-   for (;;) {
-     /* grab next digit as required */
-     if (--bitcnt == 0) {
-       if (digidx == -1) {
-          break;
-       }
-       buf = k->dp[digidx--];
-       bitcnt = (int) DIGIT_BIT;
-     }
-
-     /* grab the next msb from the ltiplicand */
-     i = (buf >> (DIGIT_BIT - 1)) & 1;
-     buf <<= 1;
-
-     /* skip leading zero bits */
-     if (mode == 0 && i == 0) {
-        continue;
-     }
-
-     /* if the bit is zero and mode == 1 then we double */
-     if (mode == 1 && i == 0) {
-        if ((err = dbl_point(R, R, modulus, mp)) != CRYPT_OK)                { goto done; }
-        continue;
-     }
-
-     /* else we add it to the window */
-     bitbuf |= (i << (WINSIZE - ++bitcpy));
-     mode = 2;
-
-     if (bitcpy == WINSIZE) {
-       /* if this is the first window we do a simple copy */
-       if (first == 1) {
-          /* R = kG [k = first window] */
-          if ((err = mp_copy(&M[bitbuf-8]->x, &R->x)) != MP_OKAY)             { goto error; }
-          if ((err = mp_copy(&M[bitbuf-8]->y, &R->y)) != MP_OKAY)             { goto error; }
-          if ((err = mp_copy(&M[bitbuf-8]->z, &R->z)) != MP_OKAY)             { goto error; }
-          first = 0;
-       } else {
-         /* normal window */
-         /* ok window is filled so double as required and add  */
-         /* double first */
-         for (j = 0; j < WINSIZE; j++) {
-           if ((err = dbl_point(R, R, modulus, mp)) != CRYPT_OK)             { goto done; }
-         }
-
-         /* then add, bitbuf will be 8..15 [8..2^WINSIZE] guaranteed */
-         if ((err = add_point(R, M[bitbuf-8], R, modulus, mp)) != CRYPT_OK)  { goto done; }
-       }
-       /* empty window and reset */
-       bitcpy = bitbuf = 0;
-       mode = 1;
-    }
-  }
-
-   /* if bits remain then double/add */
-   if (mode == 2 && bitcpy > 0) {
-     /* double then add */
-     for (j = 0; j < bitcpy; j++) {
-       /* only double if we have had at least one add first */
-       if (first == 0) {
-          if ((err = dbl_point(R, R, modulus, mp)) != CRYPT_OK)               { goto done; }
-       }
-
-       bitbuf <<= 1;
-       if ((bitbuf & (1 << WINSIZE)) != 0) {
-         if (first == 1){
-            /* first add, so copy */
-            if ((err = mp_copy(&tG->x, &R->x)) != MP_OKAY)                     { goto error; }
-            if ((err = mp_copy(&tG->y, &R->y)) != MP_OKAY)                     { goto error; }
-            if ((err = mp_copy(&tG->z, &R->z)) != MP_OKAY)                     { goto error; }
-            first = 0;
-         } else {
-            /* then add */
-            if ((err = add_point(R, tG, R, modulus, mp)) != CRYPT_OK)         { goto done; }
-         }
-       }
-     }
-   }
-
-   /* map R back from projective space */
-   if (map) {
-      err = ecc_map(R, modulus, mp);
-   } else {
-      err = CRYPT_OK;
-   }
-
-   goto done;
-error:
-   err = mpi_to_ltc_error(err);
-done:
-   del_point(tG);
-   for (i = 0; i < 8; i++) {
-       del_point(M[i]);
-   }
-   return err;
-}
-
-#undef WINSIZE
-
-/**
-  Perform on the ECC system
-  @return CRYPT_OK if successful
-*/
-int ecc_test(void)
-{
-   mp_int     modulus, order;
-   ecc_point  *G, *GG;
-   int i, err, primality;
-
-   if ((err = mp_init_multi(&modulus, &order, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
-   }
-
-   G   = new_point();
-   GG  = new_point();
-   if (G == NULL || GG == NULL) {
-      mp_clear_multi(&modulus, &order, NULL);
-      del_point(G);
-      del_point(GG);
-      return CRYPT_MEM;
-   }
-
-   for (i = 0; sets[i].size; i++) {
-       #if 0
-          printf("Testing %d\n", sets[i].size);
-       #endif
-       if ((err = mp_read_radix(&modulus, (char *)sets[i].prime, 64)) != MP_OKAY)   { goto error; }
-       if ((err = mp_read_radix(&order, (char *)sets[i].order, 64)) != MP_OKAY)     { goto error; }
-
-       /* is prime actually prime? */
-       if ((err = is_prime(&modulus, &primality)) != CRYPT_OK)                      { goto done; }
-       if (primality == 0) {
-          err = CRYPT_FAIL_TESTVECTOR;
-          goto done;
-       }
-
-       /* is order prime ? */
-       if ((err = is_prime(&order, &primality)) != CRYPT_OK)                        { goto done; }
-       if (primality == 0) {
-          err = CRYPT_FAIL_TESTVECTOR;
-          goto done;
-       }
-
-       if ((err = mp_read_radix(&G->x, (char *)sets[i].Gx, 64)) != MP_OKAY)         { goto error; }
-       if ((err = mp_read_radix(&G->y, (char *)sets[i].Gy, 64)) != MP_OKAY)         { goto error; }
-       mp_set(&G->z, 1);
-
-       /* then we should have G == (order + 1)G */
-       if ((err = mp_add_d(&order, 1, &order)) != MP_OKAY)                          { goto error; }
-       if ((err = ecc_mulmod(&order, G, GG, &modulus, 1)) != CRYPT_OK)              { goto done; }
-       if (mp_cmp(&G->x, &GG->x) != 0 || mp_cmp(&G->y, &GG->y) != 0) {
-          err = CRYPT_FAIL_TESTVECTOR;
-          goto done;
-       }
-   }
-   err = CRYPT_OK;
-   goto done;
-error:
-   err = mpi_to_ltc_error(err);
-done:
-   del_point(GG);
-   del_point(G);
-   mp_clear_multi(&order, &modulus, NULL);
-   return err;
-}
-
-void ecc_sizes(int *low, int *high)
-{
- int i;
- LTC_ARGCHK(low  != NULL);
- LTC_ARGCHK(high != NULL);
-
- *low = INT_MAX;
- *high = 0;
- for (i = 0; sets[i].size != 0; i++) {
-     if (sets[i].size < *low)  {
-        *low  = sets[i].size;
-     }
-     if (sets[i].size > *high) {
-        *high = sets[i].size;
-     }
- }
-}
-
-/**
-  Make a new ECC key 
-  @param prng         An active PRNG state
-  @param wprng        The index of the PRNG you wish to use
-  @param keysize      The keysize for the new key (in octets from 20 to 65 bytes)
-  @param key          [out] Destination of the newly created key
-  @return CRYPT_OK if successful, upon error all allocated memory will be freed
-*/
-int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key)
-{
-   int            x, err;
-   ecc_point     *base;
-   mp_int         prime;
-   unsigned char *buf;
-
-   LTC_ARGCHK(key != NULL);
-
-   /* good prng? */
-   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-      return err;
-   }
-
-   /* find key size */
-   for (x = 0; (keysize > sets[x].size) && (sets[x].size != 0); x++);
-   keysize = sets[x].size;
-
-   if (keysize > ECC_MAXSIZE || sets[x].size == 0) {
-      return CRYPT_INVALID_KEYSIZE;
-   }
-   key->idx = x;
-
-   /* allocate ram */
-   base = NULL;
-   buf  = XMALLOC(ECC_MAXSIZE);
-   if (buf == NULL) {
-      return CRYPT_MEM;
-   }
-
-   /* make up random string */
-   if (prng_descriptor[wprng].read(buf, (unsigned long)keysize, prng) != (unsigned long)keysize) {
-      err = CRYPT_ERROR_READPRNG;
-      goto LBL_ERR2;
-   }
-
-   /* setup the key variables */
-   if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, &prime, NULL)) != MP_OKAY) {
-      err = mpi_to_ltc_error(err);
-      goto LBL_ERR;
-   }
-   base = new_point();
-   if (base == NULL) {
-      mp_clear_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, &prime, NULL);
-      err = CRYPT_MEM;
-      goto LBL_ERR;
-   }
-
-   /* read in the specs for this key */
-   if ((err = mp_read_radix(&prime, (char *)sets[key->idx].prime, 64)) != MP_OKAY)      { goto error; }
-   if ((err = mp_read_radix(&base->x, (char *)sets[key->idx].Gx, 64)) != MP_OKAY)       { goto error; }
-   if ((err = mp_read_radix(&base->y, (char *)sets[key->idx].Gy, 64)) != MP_OKAY)       { goto error; }
-   mp_set(&base->z, 1);
-   if ((err = mp_read_unsigned_bin(&key->k, (unsigned char *)buf, keysize)) != MP_OKAY) { goto error; }
-
-   /* make the public key */
-   if ((err = ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1)) != CRYPT_OK)          { goto LBL_ERR; }
-   key->type = PK_PRIVATE;
-
-   /* shrink key */
-   if ((err = mp_shrink(&key->k)) != MP_OKAY)                                           { goto error; }
-   if ((err = mp_shrink(&key->pubkey.x)) != MP_OKAY)                                    { goto error; }
-   if ((err = mp_shrink(&key->pubkey.y)) != MP_OKAY)                                    { goto error; }
-   if ((err = mp_shrink(&key->pubkey.z)) != MP_OKAY)                                    { goto error; }
-
-   /* free up ram */
-   err = CRYPT_OK;
-   goto LBL_ERR;
-error:
-   err = mpi_to_ltc_error(err);
-LBL_ERR:
-   del_point(base);
-   mp_clear(&prime);
-LBL_ERR2:
-#ifdef LTC_CLEAN_STACK
-   zeromem(buf, ECC_MAXSIZE);
-#endif
-
-   XFREE(buf);
-
-   return err;
-}
-
-/**
-  Free an ECC key from memory
-  @param key   The key you wish to free
-*/
-void ecc_free(ecc_key *key)
-{
-   LTC_ARGCHK(key != NULL);
-   mp_clear_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL);
-}
-
-/**
-  Export an ECC key as a binary packet
-  @param out     [out] Destination for the key
-  @param outlen  [in/out] Max size and resulting size of the exported key
-  @param type    The type of key you want to export (PK_PRIVATE or PK_PUBLIC)
-  @param key     The key to export
-  @return CRYPT_OK if successful
-*/
-int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key)
-{
-   int           err;
-   unsigned char flags[1];
-   unsigned long key_size;
-
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
-   
-   /* type valid? */
-   if (key->type != PK_PRIVATE && type == PK_PRIVATE) {
-      return CRYPT_PK_TYPE_MISMATCH;
-   }
-
-   if (is_valid_idx(key->idx) == 0) {
-      return CRYPT_INVALID_ARG;
-   }
-
-   /* we store the NIST byte size */
-   key_size = sets[key->idx].size;
-
-   if (type == PK_PRIVATE) {
-       flags[0] = 1;
-       err = der_encode_sequence_multi(out, outlen,
-                                 LTC_ASN1_BIT_STRING,      1UL, flags,
-                                 LTC_ASN1_SHORT_INTEGER,   1UL, &key_size,
-                                 LTC_ASN1_INTEGER,         1UL, &key->pubkey.x,
-                                 LTC_ASN1_INTEGER,         1UL, &key->pubkey.y,
-                                 LTC_ASN1_INTEGER,         1UL, &key->k,
-                                 LTC_ASN1_EOL,             0UL, NULL);
-   } else {
-       flags[0] = 0;
-       err = der_encode_sequence_multi(out, outlen,
-                                 LTC_ASN1_BIT_STRING,      1UL, flags,
-                                 LTC_ASN1_SHORT_INTEGER,   1UL, &key_size,
-                                 LTC_ASN1_INTEGER,         1UL, &key->pubkey.x,
-                                 LTC_ASN1_INTEGER,         1UL, &key->pubkey.y,
-                                 LTC_ASN1_EOL,             0UL, NULL);
-   }
-
-   return err;
-}
-
-/**
-  Import an ECC key from a binary packet
-  @param in      The packet to import
-  @param inlen   The length of the packet
-  @param key     [out] The destination of the import
-  @return CRYPT_OK if successful, upon error all allocated memory will be freed
-*/
-int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key)
-{
-   unsigned long key_size;
-   unsigned char flags[1];
-   int           err;
-
-   LTC_ARGCHK(in  != NULL);
-   LTC_ARGCHK(key != NULL);
-
-   /* init key */
-   if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != MP_OKAY) {
-      return CRYPT_MEM;
-   }
-
-   /* find out what type of key it is */
-   if ((err = der_decode_sequence_multi(in, inlen, 
-                                  LTC_ASN1_BIT_STRING, 1UL, &flags,
-                                  LTC_ASN1_EOL,        0UL, NULL)) != CRYPT_OK) {
-      goto error;
-   }
-
-
-   if (flags[0] == 1) {
-      /* private key */
-      key->type = PK_PRIVATE;
-      if ((err = der_decode_sequence_multi(in, inlen,
-                                     LTC_ASN1_BIT_STRING,      1UL, flags,
-                                     LTC_ASN1_SHORT_INTEGER,   1UL, &key_size,
-                                     LTC_ASN1_INTEGER,         1UL, &key->pubkey.x,
-                                     LTC_ASN1_INTEGER,         1UL, &key->pubkey.y,
-                                     LTC_ASN1_INTEGER,         1UL, &key->k,
-                                     LTC_ASN1_EOL,             0UL, NULL)) != CRYPT_OK) {
-         goto error;
-      }
-   } else {
-      /* public key */
-      /* private key */
-      key->type = PK_PUBLIC;
-      if ((err = der_decode_sequence_multi(in, inlen,
-                                     LTC_ASN1_BIT_STRING,      1UL, flags,
-                                     LTC_ASN1_SHORT_INTEGER,   1UL, &key_size,
-                                     LTC_ASN1_INTEGER,         1UL, &key->pubkey.x,
-                                     LTC_ASN1_INTEGER,         1UL, &key->pubkey.y,
-                                     LTC_ASN1_EOL,             0UL, NULL)) != CRYPT_OK) {
-         goto error;
-      }
-   }
-
-   /* find the idx */
-   for (key->idx = 0; sets[key->idx].size && (unsigned long)sets[key->idx].size != key_size; ++key->idx);
-   if (sets[key->idx].size == 0) {
-      err = CRYPT_INVALID_PACKET;
-      goto error;
-   }
-
-   /* set z */
-   mp_set(&key->pubkey.z, 1);
-
-   /* we're good */
-   return CRYPT_OK;
-error:
-   mp_clear_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL);
-   return err;
-}
-
-/**
-  Create an ECC shared secret between two keys
-  @param private_key      The private ECC key
-  @param public_key       The public key
-  @param out              [out] Destination of the shared secret (Conforms to EC-DH from ANSI X9.63)
-  @param outlen           [in/out] The max size and resulting size of the shared secret
-  @return CRYPT_OK if successful
-*/
-int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
-                      unsigned char *out, unsigned long *outlen)
-{
-   unsigned long x;
-   ecc_point *result;
-   mp_int prime;
-   int err;
-
-   LTC_ARGCHK(private_key != NULL);
-   LTC_ARGCHK(public_key  != NULL);
-   LTC_ARGCHK(out         != NULL);
-   LTC_ARGCHK(outlen      != NULL);
-
-   /* type valid? */
-   if (private_key->type != PK_PRIVATE) {
-      return CRYPT_PK_NOT_PRIVATE;
-   }
-
-   if (is_valid_idx(private_key->idx) == 0) {
-      return CRYPT_INVALID_ARG;
-   }
-
-   if (private_key->idx != public_key->idx) {
-      return CRYPT_PK_TYPE_MISMATCH;
-   }
-
-   /* make new point */
-   result = new_point();
-   if (result == NULL) {
-      return CRYPT_MEM;
-   }
-
-   if ((err = mp_init(&prime)) != MP_OKAY) {
-      del_point(result);
-      return mpi_to_ltc_error(err);
-   }
-
-   if ((err = mp_read_radix(&prime, (char *)sets[private_key->idx].prime, 64)) != MP_OKAY)            { goto error; }
-   if ((err = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime, 1)) != CRYPT_OK)       { goto done1; }
-
-   x = (unsigned long)mp_unsigned_bin_size(&prime);
-   if (*outlen < x) {
-      err = CRYPT_BUFFER_OVERFLOW;
-      goto done1;
-   }
-   zeromem(out, x);
-   if ((err = mp_to_unsigned_bin(&result->x, out + (x - mp_unsigned_bin_size(&result->x))))   != MP_OKAY)          { goto error; }
-
-   err     = CRYPT_OK;
-   *outlen = x;
-   goto done1;
-error:
-   err = mpi_to_ltc_error(err);
-done1:
-   mp_clear(&prime);
-   del_point(result);
-   return err;
-}
-
-/**
-  Get the size of an ECC key
-  @param key    The key to get the size of 
-  @return The size (octets) of the key or INT_MAX on error
-*/
-int ecc_get_size(ecc_key *key)
-{
-   LTC_ARGCHK(key != NULL);
-   if (is_valid_idx(key->idx))
-      return sets[key->idx].size;
-   else
-      return INT_MAX; /* large value known to cause it to fail when passed to ecc_make_key() */
-}
-
-#include "ecc_sys.c"
-
 #endif
 
-
-
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc.c,v $ */
-/* $Revision: 1.20 $ */
-/* $Date: 2005/06/14 20:42:28 $ */
+/* $Revision: 1.38 $ */
+/* $Date: 2006/11/07 23:14:28 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_ansi_x963_export.c b/libtomcrypt/src/pk/ecc/ecc_ansi_x963_export.c
new file mode 100644
index 0000000..2a32912
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_ansi_x963_export.c
@@ -0,0 +1,72 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_ansi_x963_export.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/** ECC X9.63 (Sec. 4.3.6) uncompressed export
+  @param key     Key to export
+  @param out     [out] destination of export
+  @param outlen  [in/out]  Length of destination and final output size
+  Return CRYPT_OK on success
+*/
+int ecc_ansi_x963_export(ecc_key *key, unsigned char *out, unsigned long *outlen)
+{
+   unsigned char buf[ECC_BUF_SIZE];
+   unsigned long numlen;
+
+   LTC_ARGCHK(key    != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+
+   if (ltc_ecc_is_valid_idx(key->idx) == 0) {
+      return CRYPT_INVALID_ARG;
+   }
+   numlen = key->dp->size;
+
+   if (*outlen < (1 + 2*numlen)) {
+      *outlen = 1 + 2*numlen;
+      return CRYPT_BUFFER_OVERFLOW;
+   }
+
+   /* store byte 0x04 */
+   out[0] = 0x04;
+
+   /* pad and store x */
+   zeromem(buf, sizeof(buf));
+   mp_to_unsigned_bin(key->pubkey.x, buf + (numlen - mp_unsigned_bin_size(key->pubkey.x)));
+   XMEMCPY(out+1, buf, numlen);
+
+   /* pad and store y */
+   zeromem(buf, sizeof(buf));
+   mp_to_unsigned_bin(key->pubkey.y, buf + (numlen - mp_unsigned_bin_size(key->pubkey.y)));
+   XMEMCPY(out+1+numlen, buf, numlen);
+
+   *outlen = 1 + 2*numlen;
+   return CRYPT_OK;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_ansi_x963_export.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/12/04 02:50:11 $ */
diff --git a/libtomcrypt/src/pk/ecc/ecc_ansi_x963_import.c b/libtomcrypt/src/pk/ecc/ecc_ansi_x963_import.c
new file mode 100644
index 0000000..e92f5f4
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_ansi_x963_import.c
@@ -0,0 +1,104 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_ansi_x963_import.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/** Import an ANSI X9.63 format public key 
+  @param in      The input data to read
+  @param inlen   The length of the input data
+  @param key     [out] destination to store imported key \
+*/
+int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   return ecc_ansi_x963_import_ex(in, inlen, key, NULL);
+}
+
+int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, ltc_ecc_set_type *dp)
+{
+   int x, err;
+ 
+   LTC_ARGCHK(in  != NULL);
+   LTC_ARGCHK(key != NULL);
+   
+   /* must be odd */
+   if ((inlen & 1) == 0) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* init key */
+   if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != CRYPT_OK) {
+      return CRYPT_MEM;
+   }
+
+   /* check for 4, 6 or 7 */
+   if (in[0] != 4 && in[0] != 6 && in[0] != 7) {
+      err = CRYPT_INVALID_PACKET;
+      goto error;
+   }
+
+   /* read data */
+   if ((err = mp_read_unsigned_bin(key->pubkey.x, (unsigned char *)in+1, (inlen-1)>>1)) != CRYPT_OK) {
+      goto error;
+   }
+
+   if ((err = mp_read_unsigned_bin(key->pubkey.y, (unsigned char *)in+1+((inlen-1)>>1), (inlen-1)>>1)) != CRYPT_OK) {
+      goto error;
+   }
+   if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto error; }
+
+   if (dp == NULL) {
+     /* determine the idx */
+      for (x = 0; ltc_ecc_sets[x].size != 0; x++) {
+         if ((unsigned)ltc_ecc_sets[x].size >= ((inlen-1)>>1)) {
+            break;
+         }
+      }
+      if (ltc_ecc_sets[x].size == 0) {
+         err = CRYPT_INVALID_PACKET;
+         goto error;
+      }
+      /* set the idx */
+      key->idx  = x;
+      key->dp = &ltc_ecc_sets[x];
+   } else {
+      if (((inlen-1)>>1) != (unsigned long) dp->size) {
+         err = CRYPT_INVALID_PACKET;
+         goto error;
+      }
+      key->idx = -1;
+      key->dp  = dp;
+   }
+   key->type = PK_PUBLIC;
+
+   /* we're done */
+   return CRYPT_OK;
+error:
+   mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_ansi_x963_import.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/12/04 22:17:46 $ */
diff --git a/libtomcrypt/src/pk/ecc/ecc_decrypt_key.c b/libtomcrypt/src/pk/ecc/ecc_decrypt_key.c
new file mode 100644
index 0000000..bb56208
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_decrypt_key.c
@@ -0,0 +1,150 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_decrypt_key.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Decrypt an ECC encrypted key
+  @param in       The ciphertext
+  @param inlen    The length of the ciphertext (octets)
+  @param out      [out] The plaintext
+  @param outlen   [in/out] The max size and resulting size of the plaintext
+  @param key      The corresponding private ECC key
+  @return CRYPT_OK if successful
+*/
+int ecc_decrypt_key(const unsigned char *in,  unsigned long  inlen,
+                          unsigned char *out, unsigned long *outlen, 
+                          ecc_key *key)
+{
+   unsigned char *ecc_shared, *skey, *pub_expt;
+   unsigned long  x, y, hashOID[32];
+   int            hash, err;
+   ecc_key        pubkey;
+   ltc_asn1_list  decode[3];
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(key    != NULL);
+
+   /* right key type? */
+   if (key->type != PK_PRIVATE) {
+      return CRYPT_PK_NOT_PRIVATE;
+   }
+   
+   /* decode to find out hash */
+   LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
+ 
+   if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) {
+      return err;
+   }
+
+   hash = find_hash_oid(hashOID, decode[0].size);                   
+   if (hash_is_valid(hash) != CRYPT_OK) {
+      return CRYPT_INVALID_PACKET;
+   }
+
+   /* we now have the hash! */
+
+   /* allocate memory */
+   pub_expt   = XMALLOC(ECC_BUF_SIZE);
+   ecc_shared = XMALLOC(ECC_BUF_SIZE);
+   skey       = XMALLOC(MAXBLOCKSIZE);
+   if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
+      if (pub_expt != NULL) {
+         XFREE(pub_expt);
+      }
+      if (ecc_shared != NULL) {
+         XFREE(ecc_shared);
+      }
+      if (skey != NULL) {
+         XFREE(skey);
+      }
+      return CRYPT_MEM;
+   }
+   LTC_SET_ASN1(decode, 1, LTC_ASN1_OCTET_STRING,      pub_expt,  ECC_BUF_SIZE);
+   LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING,      skey,      MAXBLOCKSIZE);
+
+   /* read the structure in now */
+   if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   /* import ECC key from packet */
+   if ((err = ecc_import(decode[1].data, decode[1].size, &pubkey)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   /* make shared key */
+   x = ECC_BUF_SIZE;
+   if ((err = ecc_shared_secret(key, &pubkey, ecc_shared, &x)) != CRYPT_OK) {
+      ecc_free(&pubkey);
+      goto LBL_ERR;
+   }
+   ecc_free(&pubkey);
+
+   y = MIN(ECC_BUF_SIZE, MAXBLOCKSIZE);
+   if ((err = hash_memory(hash, ecc_shared, x, ecc_shared, &y)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   /* ensure the hash of the shared secret is at least as big as the encrypt itself */
+   if (decode[2].size > y) {
+      err = CRYPT_INVALID_PACKET;
+      goto LBL_ERR;
+   }
+
+   /* avoid buffer overflow */
+   if (*outlen < decode[2].size) {
+      *outlen = decode[2].size;
+      err = CRYPT_BUFFER_OVERFLOW;
+      goto LBL_ERR;
+   }
+
+   /* Decrypt the key */
+   for (x = 0; x < decode[2].size; x++) {
+     out[x] = skey[x] ^ ecc_shared[x];
+   }
+   *outlen = x;
+
+   err = CRYPT_OK;
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+   zeromem(pub_expt,   ECC_BUF_SIZE);
+   zeromem(ecc_shared, ECC_BUF_SIZE);
+   zeromem(skey,       MAXBLOCKSIZE);
+#endif
+
+   XFREE(pub_expt);
+   XFREE(ecc_shared);
+   XFREE(skey);
+
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_decrypt_key.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_encrypt_key.c b/libtomcrypt/src/pk/ecc/ecc_encrypt_key.c
new file mode 100644
index 0000000..dd9bab0
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_encrypt_key.c
@@ -0,0 +1,136 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_encrypt_key.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Encrypt a symmetric key with ECC 
+  @param in         The symmetric key you want to encrypt
+  @param inlen      The length of the key to encrypt (octets)
+  @param out        [out] The destination for the ciphertext
+  @param outlen     [in/out] The max size and resulting size of the ciphertext
+  @param prng       An active PRNG state
+  @param wprng      The index of the PRNG you wish to use 
+  @param hash       The index of the hash you want to use 
+  @param key        The ECC key you want to encrypt to
+  @return CRYPT_OK if successful
+*/
+int ecc_encrypt_key(const unsigned char *in,   unsigned long inlen,
+                          unsigned char *out,  unsigned long *outlen, 
+                          prng_state *prng, int wprng, int hash, 
+                          ecc_key *key)
+{
+    unsigned char *pub_expt, *ecc_shared, *skey;
+    ecc_key        pubkey;
+    unsigned long  x, y, pubkeysize;
+    int            err;
+
+    LTC_ARGCHK(in      != NULL);
+    LTC_ARGCHK(out     != NULL);
+    LTC_ARGCHK(outlen  != NULL);
+    LTC_ARGCHK(key     != NULL);
+
+    /* check that wprng/cipher/hash are not invalid */
+    if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+       return err;
+    }
+
+    if ((err = hash_is_valid(hash)) != CRYPT_OK) {
+       return err;
+    }
+
+    if (inlen > hash_descriptor[hash].hashsize) {
+       return CRYPT_INVALID_HASH;
+    }
+
+    /* make a random key and export the public copy */
+    if ((err = ecc_make_key_ex(prng, wprng, &pubkey, key->dp)) != CRYPT_OK) {
+       return err;
+    }
+
+    pub_expt   = XMALLOC(ECC_BUF_SIZE);
+    ecc_shared = XMALLOC(ECC_BUF_SIZE);
+    skey       = XMALLOC(MAXBLOCKSIZE);
+    if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
+       if (pub_expt != NULL) {
+          XFREE(pub_expt);
+       }
+       if (ecc_shared != NULL) {
+          XFREE(ecc_shared);
+       }
+       if (skey != NULL) {
+          XFREE(skey);
+       }
+       ecc_free(&pubkey);
+       return CRYPT_MEM;
+    }
+
+    pubkeysize = ECC_BUF_SIZE;
+    if ((err = ecc_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
+       ecc_free(&pubkey);
+       goto LBL_ERR;
+    }
+    
+    /* make random key */
+    x        = ECC_BUF_SIZE;
+    if ((err = ecc_shared_secret(&pubkey, key, ecc_shared, &x)) != CRYPT_OK) {
+       ecc_free(&pubkey);
+       goto LBL_ERR;
+    }
+    ecc_free(&pubkey);
+    y = MAXBLOCKSIZE;
+    if ((err = hash_memory(hash, ecc_shared, x, skey, &y)) != CRYPT_OK) {
+       goto LBL_ERR;
+    }
+    
+    /* Encrypt key */
+    for (x = 0; x < inlen; x++) {
+      skey[x] ^= in[x];
+    }
+
+    err = der_encode_sequence_multi(out, outlen,
+                                    LTC_ASN1_OBJECT_IDENTIFIER,  hash_descriptor[hash].OIDlen,   hash_descriptor[hash].OID,
+                                    LTC_ASN1_OCTET_STRING,       pubkeysize,                     pub_expt,
+                                    LTC_ASN1_OCTET_STRING,       inlen,                          skey,
+                                    LTC_ASN1_EOL,                0UL,                            NULL);
+
+LBL_ERR:
+#ifdef LTC_CLEAN_STACK
+    /* clean up */
+    zeromem(pub_expt,   ECC_BUF_SIZE);
+    zeromem(ecc_shared, ECC_BUF_SIZE);
+    zeromem(skey,       MAXBLOCKSIZE);
+#endif
+
+    XFREE(skey);
+    XFREE(ecc_shared);
+    XFREE(pub_expt);
+
+    return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_encrypt_key.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/21 00:10:18 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_export.c b/libtomcrypt/src/pk/ecc/ecc_export.c
new file mode 100644
index 0000000..1919849
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_export.c
@@ -0,0 +1,82 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_export.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Export an ECC key as a binary packet
+  @param out     [out] Destination for the key
+  @param outlen  [in/out] Max size and resulting size of the exported key
+  @param type    The type of key you want to export (PK_PRIVATE or PK_PUBLIC)
+  @param key     The key to export
+  @return CRYPT_OK if successful
+*/
+int ecc_export(unsigned char *out, unsigned long *outlen, int type, ecc_key *key)
+{
+   int           err;
+   unsigned char flags[1];
+   unsigned long key_size;
+
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(key    != NULL);
+   
+   /* type valid? */
+   if (key->type != PK_PRIVATE && type == PK_PRIVATE) {
+      return CRYPT_PK_TYPE_MISMATCH;
+   }
+
+   if (ltc_ecc_is_valid_idx(key->idx) == 0) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   /* we store the NIST byte size */
+   key_size = key->dp->size;
+
+   if (type == PK_PRIVATE) {
+       flags[0] = 1;
+       err = der_encode_sequence_multi(out, outlen,
+                                 LTC_ASN1_BIT_STRING,      1UL, flags,
+                                 LTC_ASN1_SHORT_INTEGER,   1UL, &key_size,
+                                 LTC_ASN1_INTEGER,         1UL, key->pubkey.x,
+                                 LTC_ASN1_INTEGER,         1UL, key->pubkey.y,
+                                 LTC_ASN1_INTEGER,         1UL, key->k,
+                                 LTC_ASN1_EOL,             0UL, NULL);
+   } else {
+       flags[0] = 0;
+       err = der_encode_sequence_multi(out, outlen,
+                                 LTC_ASN1_BIT_STRING,      1UL, flags,
+                                 LTC_ASN1_SHORT_INTEGER,   1UL, &key_size,
+                                 LTC_ASN1_INTEGER,         1UL, key->pubkey.x,
+                                 LTC_ASN1_INTEGER,         1UL, key->pubkey.y,
+                                 LTC_ASN1_EOL,             0UL, NULL);
+   }
+
+   return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_export.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/21 00:10:18 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_free.c b/libtomcrypt/src/pk/ecc/ecc_free.c
new file mode 100644
index 0000000..039178d
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_free.c
@@ -0,0 +1,40 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_free.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Free an ECC key from memory
+  @param key   The key you wish to free
+*/
+void ecc_free(ecc_key *key)
+{
+   LTC_ARGCHKVD(key != NULL);
+   mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_free.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/06/09 01:38:14 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_get_size.c b/libtomcrypt/src/pk/ecc/ecc_get_size.c
new file mode 100644
index 0000000..9eafdeb
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_get_size.c
@@ -0,0 +1,44 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_get_size.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Get the size of an ECC key
+  @param key    The key to get the size of 
+  @return The size (octets) of the key or INT_MAX on error
+*/
+int ecc_get_size(ecc_key *key)
+{
+   LTC_ARGCHK(key != NULL);
+   if (ltc_ecc_is_valid_idx(key->idx))
+      return key->dp->size;
+   else
+      return INT_MAX; /* large value known to cause it to fail when passed to ecc_make_key() */
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_get_size.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/21 00:10:18 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_import.c b/libtomcrypt/src/pk/ecc/ecc_import.c
new file mode 100644
index 0000000..4adb28e
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_import.c
@@ -0,0 +1,172 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_import.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+static int is_point(ecc_key *key)
+{
+   void *prime, *b, *t1, *t2;
+   int err;
+   
+   if ((err = mp_init_multi(&prime, &b, &t1, &t2, NULL)) != CRYPT_OK) {
+      return err;
+   }
+   
+   /* load prime and b */
+   if ((err = mp_read_radix(prime, key->dp->prime, 16)) != CRYPT_OK)                          { goto error; }
+   if ((err = mp_read_radix(b, key->dp->B, 16)) != CRYPT_OK)                                  { goto error; }
+   
+   /* compute y^2 */
+   if ((err = mp_sqr(key->pubkey.y, t1)) != CRYPT_OK)                                         { goto error; }
+   
+   /* compute x^3 */
+   if ((err = mp_sqr(key->pubkey.x, t2)) != CRYPT_OK)                                         { goto error; }
+   if ((err = mp_mod(t2, prime, t2)) != CRYPT_OK)                                             { goto error; }
+   if ((err = mp_mul(key->pubkey.x, t2, t2)) != CRYPT_OK)                                     { goto error; }
+   
+   /* compute y^2 - x^3 */
+   if ((err = mp_sub(t1, t2, t1)) != CRYPT_OK)                                                { goto error; }
+   
+   /* compute y^2 - x^3 + 3x */
+   if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK)                                     { goto error; }
+   if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK)                                     { goto error; }
+   if ((err = mp_add(t1, key->pubkey.x, t1)) != CRYPT_OK)                                     { goto error; }
+   if ((err = mp_mod(t1, prime, t1)) != CRYPT_OK)                                             { goto error; }
+   while (mp_cmp_d(t1, 0) == LTC_MP_LT) {
+      if ((err = mp_add(t1, prime, t1)) != CRYPT_OK)                                          { goto error; }
+   }
+   while (mp_cmp(t1, prime) != LTC_MP_LT) {
+      if ((err = mp_sub(t1, prime, t1)) != CRYPT_OK)                                          { goto error; }
+   }
+   
+   /* compare to b */
+   if (mp_cmp(t1, b) != LTC_MP_EQ) {
+      err = CRYPT_INVALID_PACKET;
+   } else {
+      err = CRYPT_OK;
+   }
+   
+error:
+   mp_clear_multi(prime, b, t1, t2, NULL);
+   return err;
+}
+
+/**
+  Import an ECC key from a binary packet
+  @param in      The packet to import
+  @param inlen   The length of the packet
+  @param key     [out] The destination of the import
+  @return CRYPT_OK if successful, upon error all allocated memory will be freed
+*/
+int ecc_import(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   return ecc_import_ex(in, inlen, key, NULL);
+}
+
+/**
+  Import an ECC key from a binary packet, using user supplied domain params rather than one of the NIST ones
+  @param in      The packet to import
+  @param inlen   The length of the packet
+  @param key     [out] The destination of the import
+  @param dp      pointer to user supplied params; must be the same as the params used when exporting
+  @return CRYPT_OK if successful, upon error all allocated memory will be freed
+*/
+int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_set_type *dp)
+{
+   unsigned long key_size;
+   unsigned char flags[1];
+   int           err;
+
+   LTC_ARGCHK(in  != NULL);
+   LTC_ARGCHK(key != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   /* init key */
+   if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, NULL) != CRYPT_OK) {
+      return CRYPT_MEM;
+   }
+
+   /* find out what type of key it is */
+   if ((err = der_decode_sequence_multi(in, inlen, 
+                                  LTC_ASN1_BIT_STRING, 1UL, &flags,
+                                  LTC_ASN1_EOL,        0UL, NULL)) != CRYPT_OK) {
+      goto done;
+   }
+
+
+   if (flags[0] == 1) {
+      /* private key */
+      key->type = PK_PRIVATE;
+      if ((err = der_decode_sequence_multi(in, inlen,
+                                     LTC_ASN1_BIT_STRING,      1UL, flags,
+                                     LTC_ASN1_SHORT_INTEGER,   1UL, &key_size,
+                                     LTC_ASN1_INTEGER,         1UL, key->pubkey.x,
+                                     LTC_ASN1_INTEGER,         1UL, key->pubkey.y,
+                                     LTC_ASN1_INTEGER,         1UL, key->k,
+                                     LTC_ASN1_EOL,             0UL, NULL)) != CRYPT_OK) {
+         goto done;
+      }
+   } else {
+      /* public key */
+      key->type = PK_PUBLIC;
+      if ((err = der_decode_sequence_multi(in, inlen,
+                                     LTC_ASN1_BIT_STRING,      1UL, flags,
+                                     LTC_ASN1_SHORT_INTEGER,   1UL, &key_size,
+                                     LTC_ASN1_INTEGER,         1UL, key->pubkey.x,
+                                     LTC_ASN1_INTEGER,         1UL, key->pubkey.y,
+                                     LTC_ASN1_EOL,             0UL, NULL)) != CRYPT_OK) {
+         goto done;
+      }
+   }
+
+   if (dp == NULL) {
+     /* find the idx */
+     for (key->idx = 0; ltc_ecc_sets[key->idx].size && (unsigned long)ltc_ecc_sets[key->idx].size != key_size; ++key->idx);
+     if (ltc_ecc_sets[key->idx].size == 0) {
+       err = CRYPT_INVALID_PACKET;
+       goto done;
+     }
+     key->dp = &ltc_ecc_sets[key->idx];
+   } else {
+     key->idx = -1;
+     key->dp = dp;
+   }
+   /* set z */
+   if ((err = mp_set(key->pubkey.z, 1)) != CRYPT_OK) { goto done; }
+   
+   /* is it a point on the curve?  */
+   if ((err = is_point(key)) != CRYPT_OK) {
+      goto done;
+   }
+
+   /* we're good */
+   return CRYPT_OK;
+done:
+   mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
+   return err;
+}
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_import.c,v $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/12/04 02:19:48 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_make_key.c b/libtomcrypt/src/pk/ecc/ecc_make_key.c
new file mode 100644
index 0000000..796b674
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_make_key.c
@@ -0,0 +1,125 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_make_key.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Make a new ECC key 
+  @param prng         An active PRNG state
+  @param wprng        The index of the PRNG you wish to use
+  @param keysize      The keysize for the new key (in octets from 20 to 65 bytes)
+  @param key          [out] Destination of the newly created key
+  @return CRYPT_OK if successful, upon error all allocated memory will be freed
+*/
+int ecc_make_key(prng_state *prng, int wprng, int keysize, ecc_key *key)
+{
+   int x, err;
+
+   /* find key size */
+   for (x = 0; (keysize > ltc_ecc_sets[x].size) && (ltc_ecc_sets[x].size != 0); x++);
+   keysize = ltc_ecc_sets[x].size;
+
+   if (keysize > ECC_MAXSIZE || ltc_ecc_sets[x].size == 0) {
+      return CRYPT_INVALID_KEYSIZE;
+   }
+   err = ecc_make_key_ex(prng, wprng, key, &ltc_ecc_sets[x]);
+   key->idx = x;
+   return err;
+}
+
+int ecc_make_key_ex(prng_state *prng, int wprng, ecc_key *key, const ltc_ecc_set_type *dp)
+{
+   int            err;
+   ecc_point     *base;
+   void          *prime;
+   unsigned char *buf;
+   int            keysize;
+
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+   LTC_ARGCHK(dp          != NULL);
+
+   /* good prng? */
+   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+      return err;
+   }
+
+   key->idx = -1;
+   key->dp  = dp;
+   keysize  = dp->size;
+
+   /* allocate ram */
+   base = NULL;
+   buf  = XMALLOC(ECC_MAXSIZE);
+   if (buf == NULL) {
+      return CRYPT_MEM;
+   }
+
+   /* make up random string */
+   if (prng_descriptor[wprng].read(buf, (unsigned long)keysize, prng) != (unsigned long)keysize) {
+      err = CRYPT_ERROR_READPRNG;
+      goto ERR_BUF;
+   }
+
+   /* setup the key variables */
+   if ((err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, &prime, NULL)) != CRYPT_OK) {
+      goto ERR_BUF;
+   }
+   base = ltc_ecc_new_point();
+   if (base == NULL) {
+      err = CRYPT_MEM;
+      goto errkey;
+   }
+
+   /* read in the specs for this key */
+   if ((err = mp_read_radix(prime,   (char *)key->dp->prime, 16)) != CRYPT_OK)                  { goto errkey; }
+   if ((err = mp_read_radix(base->x, (char *)key->dp->Gx, 16)) != CRYPT_OK)                     { goto errkey; }
+   if ((err = mp_read_radix(base->y, (char *)key->dp->Gy, 16)) != CRYPT_OK)                     { goto errkey; }
+   if ((err = mp_set(base->z, 1)) != CRYPT_OK)                                                  { goto errkey; }
+   if ((err = mp_read_unsigned_bin(key->k, (unsigned char *)buf, keysize)) != CRYPT_OK)         { goto errkey; }
+
+   /* make the public key */
+   if ((err = ltc_mp.ecc_ptmul(key->k, base, &key->pubkey, prime, 1)) != CRYPT_OK)              { goto errkey; }
+   key->type = PK_PRIVATE;
+
+   /* free up ram */
+   err = CRYPT_OK;
+   goto cleanup;
+errkey:
+   mp_clear_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, key->k, NULL);
+cleanup:
+   ltc_ecc_del_point(base);
+   mp_clear(prime);
+ERR_BUF:
+#ifdef LTC_CLEAN_STACK
+   zeromem(buf, ECC_MAXSIZE);
+#endif
+   XFREE(buf);
+   return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_make_key.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/12/04 02:50:11 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_shared_secret.c b/libtomcrypt/src/pk/ecc/ecc_shared_secret.c
new file mode 100644
index 0000000..ddef847
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_shared_secret.c
@@ -0,0 +1,95 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_shared_secret.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Create an ECC shared secret between two keys
+  @param private_key      The private ECC key
+  @param public_key       The public key
+  @param out              [out] Destination of the shared secret (Conforms to EC-DH from ANSI X9.63)
+  @param outlen           [in/out] The max size and resulting size of the shared secret
+  @return CRYPT_OK if successful
+*/
+int ecc_shared_secret(ecc_key *private_key, ecc_key *public_key,
+                      unsigned char *out, unsigned long *outlen)
+{
+   unsigned long  x;
+   ecc_point     *result;
+   void          *prime;
+   int            err;
+
+   LTC_ARGCHK(private_key != NULL);
+   LTC_ARGCHK(public_key  != NULL);
+   LTC_ARGCHK(out         != NULL);
+   LTC_ARGCHK(outlen      != NULL);
+
+   /* type valid? */
+   if (private_key->type != PK_PRIVATE) {
+      return CRYPT_PK_NOT_PRIVATE;
+   }
+
+   if (ltc_ecc_is_valid_idx(private_key->idx) == 0 || ltc_ecc_is_valid_idx(public_key->idx) == 0) {
+      return CRYPT_INVALID_ARG;
+   }
+
+   if (XSTRCMP(private_key->dp->name, public_key->dp->name) != 0) {
+      return CRYPT_PK_TYPE_MISMATCH;
+   }
+
+   /* make new point */
+   result = ltc_ecc_new_point();
+   if (result == NULL) {
+      return CRYPT_MEM;
+   }
+
+   if ((err = mp_init(&prime)) != CRYPT_OK) {
+      ltc_ecc_del_point(result);
+      return err;
+   }
+
+   if ((err = mp_read_radix(prime, (char *)private_key->dp->prime, 16)) != CRYPT_OK)                               { goto done; }
+   if ((err = ltc_mp.ecc_ptmul(private_key->k, &public_key->pubkey, result, prime, 1)) != CRYPT_OK)                { goto done; }
+
+   x = (unsigned long)mp_unsigned_bin_size(prime);
+   if (*outlen < x) {
+      *outlen = x;
+      err = CRYPT_BUFFER_OVERFLOW;
+      goto done;
+   }
+   zeromem(out, x);
+   if ((err = mp_to_unsigned_bin(result->x, out + (x - mp_unsigned_bin_size(result->x))))   != CRYPT_OK)           { goto done; }
+
+   err     = CRYPT_OK;
+   *outlen = x;
+done:
+   mp_clear(prime);
+   ltc_ecc_del_point(result);
+   return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_shared_secret.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/12/04 02:19:48 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_sign_hash.c b/libtomcrypt/src/pk/ecc/ecc_sign_hash.c
new file mode 100644
index 0000000..44f949e
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_sign_hash.c
@@ -0,0 +1,114 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_sign_hash.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Sign a message digest
+  @param in        The message digest to sign
+  @param inlen     The length of the digest
+  @param out       [out] The destination for the signature
+  @param outlen    [in/out] The max size and resulting size of the signature
+  @param prng      An active PRNG state
+  @param wprng     The index of the PRNG you wish to use
+  @param key       A private ECC key
+  @return CRYPT_OK if successful
+*/
+int ecc_sign_hash(const unsigned char *in,  unsigned long inlen, 
+                        unsigned char *out, unsigned long *outlen, 
+                        prng_state *prng, int wprng, ecc_key *key)
+{
+   ecc_key       pubkey;
+   void          *r, *s, *e, *p;
+   int           err;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(key    != NULL);
+
+   /* is this a private key? */
+   if (key->type != PK_PRIVATE) {
+      return CRYPT_PK_NOT_PRIVATE;
+   }
+   
+   /* is the IDX valid ?  */
+   if (ltc_ecc_is_valid_idx(key->idx) != 1) {
+      return CRYPT_PK_INVALID_TYPE;
+   }
+   
+   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* get the hash and load it as a bignum into 'e' */
+   /* init the bignums */
+   if ((err = mp_init_multi(&r, &s, &p, &e, NULL)) != CRYPT_OK) { 
+      return err;
+   }
+   if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK)                      { goto errnokey; }
+   if ((err = mp_read_unsigned_bin(e, (unsigned char *)in, (int)inlen)) != CRYPT_OK)          { goto errnokey; }
+
+   /* make up a key and export the public copy */
+   for (;;) {
+      if ((err = ecc_make_key_ex(prng, wprng, &pubkey, key->dp)) != CRYPT_OK) {
+         goto errnokey;
+      }
+
+      /* find r = x1 mod n */
+      if ((err = mp_mod(pubkey.pubkey.x, p, r)) != CRYPT_OK)                 { goto error; }
+
+      if (mp_iszero(r) == LTC_MP_YES) {
+         ecc_free(&pubkey);
+      } else { 
+        /* find s = (e + xr)/k */
+        if ((err = mp_invmod(pubkey.k, p, pubkey.k)) != CRYPT_OK)            { goto error; } /* k = 1/k */
+        if ((err = mp_mulmod(key->k, r, p, s)) != CRYPT_OK)                  { goto error; } /* s = xr */
+        if ((err = mp_add(e, s, s)) != CRYPT_OK)                             { goto error; } /* s = e +  xr */
+        if ((err = mp_mod(s, p, s)) != CRYPT_OK)                             { goto error; } /* s = e +  xr */
+        if ((err = mp_mulmod(s, pubkey.k, p, s)) != CRYPT_OK)                { goto error; } /* s = (e + xr)/k */
+        ecc_free(&pubkey);
+        if (mp_iszero(s) == LTC_MP_NO) {
+           break;
+        }
+      }
+   }
+
+   /* store as SEQUENCE { r, s -- integer } */
+   err = der_encode_sequence_multi(out, outlen,
+                             LTC_ASN1_INTEGER, 1UL, r,
+                             LTC_ASN1_INTEGER, 1UL, s,
+                             LTC_ASN1_EOL, 0UL, NULL);
+   goto errnokey;
+error:
+   ecc_free(&pubkey);
+errnokey:
+   mp_clear_multi(r, s, p, e, NULL);
+   return err;   
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_sign_hash.c,v $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/12/04 02:50:11 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_sizes.c b/libtomcrypt/src/pk/ecc/ecc_sizes.c
new file mode 100644
index 0000000..f4b2d82
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_sizes.c
@@ -0,0 +1,48 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_sizes.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+void ecc_sizes(int *low, int *high)
+{
+ int i;
+ LTC_ARGCHKVD(low  != NULL);
+ LTC_ARGCHKVD(high != NULL);
+
+ *low = INT_MAX;
+ *high = 0;
+ for (i = 0; ltc_ecc_sets[i].size != 0; i++) {
+     if (ltc_ecc_sets[i].size < *low)  {
+        *low  = ltc_ecc_sets[i].size;
+     }
+     if (ltc_ecc_sets[i].size > *high) {
+        *high = ltc_ecc_sets[i].size;
+     }
+ }
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_sizes.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/06/09 01:38:14 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_sys.c b/libtomcrypt/src/pk/ecc/ecc_sys.c
deleted file mode 100644
index 65ead31..0000000
--- a/libtomcrypt/src/pk/ecc/ecc_sys.c
+++ /dev/null
@@ -1,462 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-
-/**
-  @file ecc_sys.c
-  ECC Crypto, Tom St Denis
-*/
-  
-/**
-  Encrypt a symmetric key with ECC 
-  @param in         The symmetric key you want to encrypt
-  @param inlen      The length of the key to encrypt (octets)
-  @param out        [out] The destination for the ciphertext
-  @param outlen     [in/out] The max size and resulting size of the ciphertext
-  @param prng       An active PRNG state
-  @param wprng      The index of the PRNG you wish to use 
-  @param hash       The index of the hash you want to use 
-  @param key        The ECC key you want to encrypt to
-  @return CRYPT_OK if successful
-*/
-int ecc_encrypt_key(const unsigned char *in,   unsigned long inlen,
-                          unsigned char *out,  unsigned long *outlen, 
-                          prng_state *prng, int wprng, int hash, 
-                          ecc_key *key)
-{
-    unsigned char *pub_expt, *ecc_shared, *skey;
-    ecc_key        pubkey;
-    unsigned long  x, y, pubkeysize;
-    int            err;
-
-    LTC_ARGCHK(in      != NULL);
-    LTC_ARGCHK(out     != NULL);
-    LTC_ARGCHK(outlen  != NULL);
-    LTC_ARGCHK(key     != NULL);
-
-    /* check that wprng/cipher/hash are not invalid */
-    if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-       return err;
-    }
-
-    if ((err = hash_is_valid(hash)) != CRYPT_OK) {
-       return err;
-    }
-
-    if (inlen > hash_descriptor[hash].hashsize) {
-       return CRYPT_INVALID_HASH;
-    }
-
-    /* make a random key and export the public copy */
-    if ((err = ecc_make_key(prng, wprng, ecc_get_size(key), &pubkey)) != CRYPT_OK) {
-       return err;
-    }
-
-    pub_expt   = XMALLOC(ECC_BUF_SIZE);
-    ecc_shared = XMALLOC(ECC_BUF_SIZE);
-    skey       = XMALLOC(MAXBLOCKSIZE);
-    if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
-       if (pub_expt != NULL) {
-          XFREE(pub_expt);
-       }
-       if (ecc_shared != NULL) {
-          XFREE(ecc_shared);
-       }
-       if (skey != NULL) {
-          XFREE(skey);
-       }
-       ecc_free(&pubkey);
-       return CRYPT_MEM;
-    }
-
-    pubkeysize = ECC_BUF_SIZE;
-    if ((err = ecc_export(pub_expt, &pubkeysize, PK_PUBLIC, &pubkey)) != CRYPT_OK) {
-       ecc_free(&pubkey);
-       goto LBL_ERR;
-    }
-    
-    /* make random key */
-    x        = ECC_BUF_SIZE;
-    if ((err = ecc_shared_secret(&pubkey, key, ecc_shared, &x)) != CRYPT_OK) {
-       ecc_free(&pubkey);
-       goto LBL_ERR;
-    }
-    ecc_free(&pubkey);
-    y = MAXBLOCKSIZE;
-    if ((err = hash_memory(hash, ecc_shared, x, skey, &y)) != CRYPT_OK) {
-       goto LBL_ERR;
-    }
-    
-    /* Encrypt key */
-    for (x = 0; x < inlen; x++) {
-      skey[x] ^= in[x];
-    }
-
-    err = der_encode_sequence_multi(out, outlen,
-                                    LTC_ASN1_OBJECT_IDENTIFIER,  hash_descriptor[hash].OIDlen,   hash_descriptor[hash].OID,
-                                    LTC_ASN1_OCTET_STRING,       pubkeysize,                     pub_expt,
-                                    LTC_ASN1_OCTET_STRING,       inlen,                          skey,
-                                    LTC_ASN1_EOL,                0UL,                            NULL);
-
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
-    /* clean up */
-    zeromem(pub_expt,   ECC_BUF_SIZE);
-    zeromem(ecc_shared, ECC_BUF_SIZE);
-    zeromem(skey,       MAXBLOCKSIZE);
-#endif
-
-    XFREE(skey);
-    XFREE(ecc_shared);
-    XFREE(pub_expt);
-
-    return err;
-}
-
-/**
-  Decrypt an ECC encrypted key
-  @param in       The ciphertext
-  @param inlen    The length of the ciphertext (octets)
-  @param out      [out] The plaintext
-  @param outlen   [in/out] The max size and resulting size of the plaintext
-  @param key      The corresponding private ECC key
-  @return CRYPT_OK if successful
-*/
-int ecc_decrypt_key(const unsigned char *in,  unsigned long  inlen,
-                          unsigned char *out, unsigned long *outlen, 
-                          ecc_key *key)
-{
-   unsigned char *ecc_shared, *skey, *pub_expt;
-   unsigned long  x, y, hashOID[32];
-   int            hash, err;
-   ecc_key        pubkey;
-   ltc_asn1_list  decode[3];
-
-   LTC_ARGCHK(in     != NULL);
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
-
-   /* right key type? */
-   if (key->type != PK_PRIVATE) {
-      return CRYPT_PK_NOT_PRIVATE;
-   }
-   
-   /* decode to find out hash */
-   LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
- 
-   if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) {
-      return err;
-   }
-   for (hash = 0; hash_descriptor[hash].name   != NULL             && 
-                  (hash_descriptor[hash].OIDlen != decode[0].size   || 
-                   memcmp(hash_descriptor[hash].OID, hashOID, sizeof(unsigned long)*decode[0].size)); hash++);
-
-   if (hash_descriptor[hash].name == NULL) {
-      return CRYPT_INVALID_PACKET;
-   }
-
-   /* we now have the hash! */
-
-   /* allocate memory */
-   pub_expt   = XMALLOC(ECC_BUF_SIZE);
-   ecc_shared = XMALLOC(ECC_BUF_SIZE);
-   skey       = XMALLOC(MAXBLOCKSIZE);
-   if (pub_expt == NULL || ecc_shared == NULL || skey == NULL) {
-      if (pub_expt != NULL) {
-         XFREE(pub_expt);
-      }
-      if (ecc_shared != NULL) {
-         XFREE(ecc_shared);
-      }
-      if (skey != NULL) {
-         XFREE(skey);
-      }
-      return CRYPT_MEM;
-   }
-   LTC_SET_ASN1(decode, 1, LTC_ASN1_OCTET_STRING,      pub_expt,  ECC_BUF_SIZE);
-   LTC_SET_ASN1(decode, 2, LTC_ASN1_OCTET_STRING,      skey,      MAXBLOCKSIZE);
-
-   /* read the structure in now */
-   if ((err = der_decode_sequence(in, inlen, decode, 3)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-
-   /* import ECC key from packet */
-   if ((err = ecc_import(decode[1].data, decode[1].size, &pubkey)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-
-   /* make shared key */
-   x = ECC_BUF_SIZE;
-   if ((err = ecc_shared_secret(key, &pubkey, ecc_shared, &x)) != CRYPT_OK) {
-      ecc_free(&pubkey);
-      goto LBL_ERR;
-   }
-   ecc_free(&pubkey);
-
-   y = MAXBLOCKSIZE;
-   if ((err = hash_memory(hash, ecc_shared, x, ecc_shared, &y)) != CRYPT_OK) {
-      goto LBL_ERR;
-   }
-
-   /* ensure the hash of the shared secret is at least as big as the encrypt itself */
-   if (decode[2].size > y) {
-      err = CRYPT_INVALID_PACKET;
-      goto LBL_ERR;
-   }
-
-   /* avoid buffer overflow */
-   if (*outlen < decode[2].size) {
-      err = CRYPT_BUFFER_OVERFLOW;
-      goto LBL_ERR;
-   }
-
-   /* Decrypt the key */
-   for (x = 0; x < decode[2].size; x++) {
-     out[x] = skey[x] ^ ecc_shared[x];
-   }
-   *outlen = x;
-
-   err = CRYPT_OK;
-LBL_ERR:
-#ifdef LTC_CLEAN_STACK
-   zeromem(pub_expt,   ECC_BUF_SIZE);
-   zeromem(ecc_shared, ECC_BUF_SIZE);
-   zeromem(skey,       MAXBLOCKSIZE);
-#endif
-
-   XFREE(pub_expt);
-   XFREE(ecc_shared);
-   XFREE(skey);
-
-   return err;
-}
-
-/**
-  Sign a message digest
-  @param in        The message digest to sign
-  @param inlen     The length of the digest
-  @param out       [out] The destination for the signature
-  @param outlen    [in/out] The max size and resulting size of the signature
-  @param prng      An active PRNG state
-  @param wprng     The index of the PRNG you wish to use
-  @param key       A private ECC key
-  @return CRYPT_OK if successful
-*/
-int ecc_sign_hash(const unsigned char *in,  unsigned long inlen, 
-                        unsigned char *out, unsigned long *outlen, 
-                        prng_state *prng, int wprng, ecc_key *key)
-{
-   ecc_key       pubkey;
-   mp_int        r, s, e, p;
-   int           err;
-
-   LTC_ARGCHK(in     != NULL);
-   LTC_ARGCHK(out    != NULL);
-   LTC_ARGCHK(outlen != NULL);
-   LTC_ARGCHK(key    != NULL);
-
-   /* is this a private key? */
-   if (key->type != PK_PRIVATE) {
-      return CRYPT_PK_NOT_PRIVATE;
-   }
-   
-   /* is the IDX valid ?  */
-   if (is_valid_idx(key->idx) != 1) {
-      return CRYPT_PK_INVALID_TYPE;
-   }
-   
-   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
-      return err;
-   }
-
-   /* get the hash and load it as a bignum into 'e' */
-   /* init the bignums */
-   if ((err = mp_init_multi(&r, &s, &p, &e, NULL)) != MP_OKAY) { 
-      ecc_free(&pubkey);
-      err = mpi_to_ltc_error(err);
-      goto LBL_ERR;
-   }
-   if ((err = mp_read_radix(&p, (char *)sets[key->idx].order, 64)) != MP_OKAY)        { goto error; }
-   if ((err = mp_read_unsigned_bin(&e, (unsigned char *)in, (int)inlen)) != MP_OKAY)  { goto error; }
-
-   /* make up a key and export the public copy */
-   for (;;) {
-      if ((err = ecc_make_key(prng, wprng, ecc_get_size(key), &pubkey)) != CRYPT_OK) {
-         return err;
-      }
-
-      /* find r = x1 mod n */
-      if ((err = mp_mod(&pubkey.pubkey.x, &p, &r)) != MP_OKAY)                           { goto error; }
-
-      if (mp_iszero(&r)) {
-         ecc_free(&pubkey);
-      } else { 
-        /* find s = (e + xr)/k */
-        if ((err = mp_invmod(&pubkey.k, &p, &pubkey.k)) != MP_OKAY)            { goto error; } /* k = 1/k */
-        if ((err = mp_mulmod(&key->k, &r, &p, &s)) != MP_OKAY)                 { goto error; } /* s = xr */
-        if ((err = mp_addmod(&e, &s, &p, &s)) != MP_OKAY)                      { goto error; } /* s = e +  xr */
-        if ((err = mp_mulmod(&s, &pubkey.k, &p, &s)) != MP_OKAY)               { goto error; } /* s = (e + xr)/k */
-
-        if (mp_iszero(&s)) {
-           ecc_free(&pubkey);
-        } else {
-           break;
-        }
-      }
-   }
-
-   /* store as SEQUENCE { r, s -- integer } */
-   err = der_encode_sequence_multi(out, outlen,
-                             LTC_ASN1_INTEGER, 1UL, &r,
-                             LTC_ASN1_INTEGER, 1UL, &s,
-                             LTC_ASN1_EOL, 0UL, NULL);
-   goto LBL_ERR;
-error:
-   err = mpi_to_ltc_error(err);
-LBL_ERR:
-   mp_clear_multi(&r, &s, &p, &e, NULL);
-   ecc_free(&pubkey);
-
-   return err;   
-}
-
-/* verify 
- *
- * w  = s^-1 mod n
- * u1 = xw 
- * u2 = rw
- * X = u1*G + u2*Q
- * v = X_x1 mod n
- * accept if v == r
- */
-
-/**
-   Verify an ECC signature
-   @param sig         The signature to verify
-   @param siglen      The length of the signature (octets)
-   @param hash        The hash (message digest) that was signed
-   @param hashlen     The length of the hash (octets)
-   @param stat        Result of signature, 1==valid, 0==invalid
-   @param key         The corresponding public ECC key
-   @return CRYPT_OK if successful (even if the signature is not valid)
-*/
-int ecc_verify_hash(const unsigned char *sig,  unsigned long siglen,
-                    const unsigned char *hash, unsigned long hashlen, 
-                    int *stat, ecc_key *key)
-{
-   ecc_point    *mG, *mQ;
-   mp_int        r, s, v, w, u1, u2, e, p, m;
-   mp_digit      mp;
-   int           err;
-
-   LTC_ARGCHK(sig  != NULL);
-   LTC_ARGCHK(hash != NULL);
-   LTC_ARGCHK(stat != NULL);
-   LTC_ARGCHK(key  != NULL);
-
-   /* default to invalid signature */
-   *stat = 0;
-
-   /* is the IDX valid ?  */
-   if (is_valid_idx(key->idx) != 1) {
-      return CRYPT_PK_INVALID_TYPE;
-   }
-
-   /* allocate ints */
-   if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL)) != MP_OKAY) {
-      return CRYPT_MEM;
-   }
-
-   /* allocate points */
-   mG = new_point();
-   mQ = new_point();
-   if (mQ  == NULL || mG == NULL) {
-      err = CRYPT_MEM;
-      goto done;
-   }
-
-   /* parse header */
-   if ((err = der_decode_sequence_multi(sig, siglen,
-                                  LTC_ASN1_INTEGER, 1UL, &r,
-                                  LTC_ASN1_INTEGER, 1UL, &s,
-                                  LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
-      goto done;
-   }
-
-   /* get the order */
-   if ((err = mp_read_radix(&p, (char *)sets[key->idx].order, 64)) != MP_OKAY)                  { goto error; }
-
-   /* get the modulus */
-   if ((err = mp_read_radix(&m, (char *)sets[key->idx].prime, 64)) != MP_OKAY)                  { goto error; }
-
-   /* check for zero */
-   if (mp_iszero(&r) || mp_iszero(&s) || mp_cmp(&r, &p) != MP_LT || mp_cmp(&s, &p) != MP_LT) {
-      err = CRYPT_INVALID_PACKET;
-      goto done;
-   }
-
-   /* read hash */
-   if ((err = mp_read_unsigned_bin(&e, (unsigned char *)hash, (int)hashlen)) != MP_OKAY)        { goto error; }
-
-   /*  w  = s^-1 mod n */
-   if ((err = mp_invmod(&s, &p, &w)) != MP_OKAY)                                                { goto error; }
-
-   /* u1 = ew */
-   if ((err = mp_mulmod(&e, &w, &p, &u1)) != MP_OKAY)                                           { goto error; }
-
-   /* u2 = rw */
-   if ((err = mp_mulmod(&r, &w, &p, &u2)) != MP_OKAY)                                           { goto error; }
-
-   /* find mG = u1*G */
-   if ((err = mp_read_radix(&mG->x, (char *)sets[key->idx].Gx, 64)) != MP_OKAY)                 { goto error; }
-   if ((err = mp_read_radix(&mG->y, (char *)sets[key->idx].Gy, 64)) != MP_OKAY)                 { goto error; }
-   mp_set(&mG->z, 1);  
-   if ((err = ecc_mulmod(&u1, mG, mG, &m, 0)) != CRYPT_OK)                                      { goto done; }
-
-   /* find mQ = u2*Q */
-   if ((err = mp_copy(&key->pubkey.x, &mQ->x)) != MP_OKAY)                                      { goto error; }
-   if ((err = mp_copy(&key->pubkey.y, &mQ->y)) != MP_OKAY)                                      { goto error; }
-   if ((err = mp_copy(&key->pubkey.z, &mQ->z)) != MP_OKAY)                                      { goto error; }
-   if ((err = ecc_mulmod(&u2, mQ, mQ, &m, 0)) != CRYPT_OK)                                      { goto done; }
-  
-   /* find the montgomery mp */
-   if ((err = mp_montgomery_setup(&m, &mp)) != MP_OKAY)                                         { goto error; }
-   /* add them */
-   if ((err = add_point(mQ, mG, mG, &m, mp)) != CRYPT_OK)                                       { goto done; }
-   
-   /* reduce */
-   if ((err = ecc_map(mG, &m, mp)) != CRYPT_OK)                                                 { goto done; }
-
-   /* v = X_x1 mod n */
-   if ((err = mp_mod(&mG->x, &p, &v)) != CRYPT_OK)                                              { goto done; }
-
-   /* does v == r */
-   if (mp_cmp(&v, &r) == MP_EQ) {
-      *stat = 1;
-   }
-
-   /* clear up and return */
-   err = CRYPT_OK;
-   goto done;
-error:
-   err = mpi_to_ltc_error(err);
-done:
-   del_point(mG);
-   del_point(mQ);
-   mp_clear_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL);
-   return err;
-}
-
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_sys.c,v $ */
-/* $Revision: 1.18 $ */
-/* $Date: 2005/06/14 20:47:55 $ */
diff --git a/libtomcrypt/src/pk/ecc/ecc_test.c b/libtomcrypt/src/pk/ecc/ecc_test.c
new file mode 100644
index 0000000..faa167c
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_test.c
@@ -0,0 +1,95 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_test.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Perform on the ECC system
+  @return CRYPT_OK if successful
+*/
+int ecc_test(void)
+{
+   void     *modulus, *order;
+   ecc_point  *G, *GG;
+   int i, err, primality;
+
+   if ((err = mp_init_multi(&modulus, &order, NULL)) != CRYPT_OK) {
+      return err;
+   }
+
+   G   = ltc_ecc_new_point();
+   GG  = ltc_ecc_new_point();
+   if (G == NULL || GG == NULL) {
+      mp_clear_multi(modulus, order, NULL);
+      ltc_ecc_del_point(G);
+      ltc_ecc_del_point(GG);
+      return CRYPT_MEM;
+   }
+
+   for (i = 0; ltc_ecc_sets[i].size; i++) {
+       #if 0
+          printf("Testing %d\n", ltc_ecc_sets[i].size);
+       #endif
+       if ((err = mp_read_radix(modulus, (char *)ltc_ecc_sets[i].prime, 16)) != CRYPT_OK)   { goto done; }
+       if ((err = mp_read_radix(order, (char *)ltc_ecc_sets[i].order, 16)) != CRYPT_OK)     { goto done; }
+
+       /* is prime actually prime? */
+       if ((err = mp_prime_is_prime(modulus, 8, &primality)) != CRYPT_OK)                   { goto done; }
+       if (primality == 0) {
+          err = CRYPT_FAIL_TESTVECTOR;
+          goto done;
+       }
+
+       /* is order prime ? */
+       if ((err = mp_prime_is_prime(order, 8, &primality)) != CRYPT_OK)                     { goto done; }
+       if (primality == 0) {
+          err = CRYPT_FAIL_TESTVECTOR;
+          goto done;
+       }
+
+       if ((err = mp_read_radix(G->x, (char *)ltc_ecc_sets[i].Gx, 16)) != CRYPT_OK)         { goto done; }
+       if ((err = mp_read_radix(G->y, (char *)ltc_ecc_sets[i].Gy, 16)) != CRYPT_OK)         { goto done; }
+       mp_set(G->z, 1);
+
+       /* then we should have G == (order + 1)G */
+       if ((err = mp_add_d(order, 1, order)) != CRYPT_OK)                                   { goto done; }
+       if ((err = ltc_mp.ecc_ptmul(order, G, GG, modulus, 1)) != CRYPT_OK)                  { goto done; }
+       if (mp_cmp(G->x, GG->x) != LTC_MP_EQ || mp_cmp(G->y, GG->y) != LTC_MP_EQ) {
+          err = CRYPT_FAIL_TESTVECTOR;
+          goto done;
+       }
+   }
+   err = CRYPT_OK;
+done:
+   ltc_ecc_del_point(GG);
+   ltc_ecc_del_point(G);
+   mp_clear_multi(order, modulus, NULL);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_test.c,v $ */
+/* $Revision: 1.10 $ */
+/* $Date: 2006/12/04 02:19:48 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ecc_verify_hash.c b/libtomcrypt/src/pk/ecc/ecc_verify_hash.c
new file mode 100644
index 0000000..bd8a840
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ecc_verify_hash.c
@@ -0,0 +1,165 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ecc_verify_hash.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/* verify 
+ *
+ * w  = s^-1 mod n
+ * u1 = xw 
+ * u2 = rw
+ * X = u1*G + u2*Q
+ * v = X_x1 mod n
+ * accept if v == r
+ */
+
+/**
+   Verify an ECC signature
+   @param sig         The signature to verify
+   @param siglen      The length of the signature (octets)
+   @param hash        The hash (message digest) that was signed
+   @param hashlen     The length of the hash (octets)
+   @param stat        Result of signature, 1==valid, 0==invalid
+   @param key         The corresponding public ECC key
+   @return CRYPT_OK if successful (even if the signature is not valid)
+*/
+int ecc_verify_hash(const unsigned char *sig,  unsigned long siglen,
+                    const unsigned char *hash, unsigned long hashlen, 
+                    int *stat, ecc_key *key)
+{
+   ecc_point    *mG, *mQ;
+   void          *r, *s, *v, *w, *u1, *u2, *e, *p, *m;
+   void          *mp;
+   int           err;
+
+   LTC_ARGCHK(sig  != NULL);
+   LTC_ARGCHK(hash != NULL);
+   LTC_ARGCHK(stat != NULL);
+   LTC_ARGCHK(key  != NULL);
+
+   /* default to invalid signature */
+   *stat = 0;
+   mp    = NULL;
+
+   /* is the IDX valid ?  */
+   if (ltc_ecc_is_valid_idx(key->idx) != 1) {
+      return CRYPT_PK_INVALID_TYPE;
+   }
+
+   /* allocate ints */
+   if ((err = mp_init_multi(&r, &s, &v, &w, &u1, &u2, &p, &e, &m, NULL)) != CRYPT_OK) {
+      return CRYPT_MEM;
+   }
+
+   /* allocate points */
+   mG = ltc_ecc_new_point();
+   mQ = ltc_ecc_new_point();
+   if (mQ  == NULL || mG == NULL) {
+      err = CRYPT_MEM;
+      goto error;
+   }
+
+   /* parse header */
+   if ((err = der_decode_sequence_multi(sig, siglen,
+                                  LTC_ASN1_INTEGER, 1UL, r,
+                                  LTC_ASN1_INTEGER, 1UL, s,
+                                  LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
+      goto error;
+   }
+
+   /* get the order */
+   if ((err = mp_read_radix(p, (char *)key->dp->order, 16)) != CRYPT_OK)                                { goto error; }
+
+   /* get the modulus */
+   if ((err = mp_read_radix(m, (char *)key->dp->prime, 16)) != CRYPT_OK)                                { goto error; }
+
+   /* check for zero */
+   if (mp_iszero(r) || mp_iszero(s) || mp_cmp(r, p) != LTC_MP_LT || mp_cmp(s, p) != LTC_MP_LT) {
+      err = CRYPT_INVALID_PACKET;
+      goto error;
+   }
+
+   /* read hash */
+   if ((err = mp_read_unsigned_bin(e, (unsigned char *)hash, (int)hashlen)) != CRYPT_OK)                { goto error; }
+
+   /*  w  = s^-1 mod n */
+   if ((err = mp_invmod(s, p, w)) != CRYPT_OK)                                                          { goto error; }
+
+   /* u1 = ew */
+   if ((err = mp_mulmod(e, w, p, u1)) != CRYPT_OK)                                                      { goto error; }
+
+   /* u2 = rw */
+   if ((err = mp_mulmod(r, w, p, u2)) != CRYPT_OK)                                                      { goto error; }
+
+   /* find mG and mQ */
+   if ((err = mp_read_radix(mG->x, (char *)key->dp->Gx, 16)) != CRYPT_OK)                               { goto error; }
+   if ((err = mp_read_radix(mG->y, (char *)key->dp->Gy, 16)) != CRYPT_OK)                               { goto error; }
+   if ((err = mp_set(mG->z, 1)) != CRYPT_OK)                                                            { goto error; }
+
+   if ((err = mp_copy(key->pubkey.x, mQ->x)) != CRYPT_OK)                                               { goto error; }
+   if ((err = mp_copy(key->pubkey.y, mQ->y)) != CRYPT_OK)                                               { goto error; }
+   if ((err = mp_copy(key->pubkey.z, mQ->z)) != CRYPT_OK)                                               { goto error; }
+
+   /* compute u1*mG + u2*mQ = mG */
+   if (ltc_mp.ecc_mul2add == NULL) {
+      if ((err = ltc_mp.ecc_ptmul(u1, mG, mG, m, 0)) != CRYPT_OK)                                       { goto error; }
+      if ((err = ltc_mp.ecc_ptmul(u2, mQ, mQ, m, 0)) != CRYPT_OK)                                       { goto error; }
+  
+      /* find the montgomery mp */
+      if ((err = mp_montgomery_setup(m, &mp)) != CRYPT_OK)                                              { goto error; }
+
+      /* add them */
+      if ((err = ltc_mp.ecc_ptadd(mQ, mG, mG, m, mp)) != CRYPT_OK)                                      { goto error; }
+   
+      /* reduce */
+      if ((err = ltc_mp.ecc_map(mG, m, mp)) != CRYPT_OK)                                                { goto error; }
+   } else {
+      /* use Shamir's trick to compute u1*mG + u2*mQ using half of the doubles */
+      if ((err = ltc_mp.ecc_mul2add(mG, u1, mQ, u2, mG, m)) != CRYPT_OK)                                { goto error; }
+   }
+
+   /* v = X_x1 mod n */
+   if ((err = mp_mod(mG->x, p, v)) != CRYPT_OK)                                                         { goto error; }
+
+   /* does v == r */
+   if (mp_cmp(v, r) == LTC_MP_EQ) {
+      *stat = 1;
+   }
+
+   /* clear up and return */
+   err = CRYPT_OK;
+error:
+   ltc_ecc_del_point(mG);
+   ltc_ecc_del_point(mQ);
+   mp_clear_multi(r, s, v, w, u1, u2, p, e, m, NULL);
+   if (mp != NULL) { 
+      mp_montgomery_free(mp);
+   }
+   return err;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ecc_verify_hash.c,v $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/12/04 05:07:59 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_is_valid_idx.c b/libtomcrypt/src/pk/ecc/ltc_ecc_is_valid_idx.c
new file mode 100644
index 0000000..cf81f24
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_is_valid_idx.c
@@ -0,0 +1,46 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_is_valid_idx.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/** Returns whether an ECC idx is valid or not
+  @param n   The idx number to check
+  @return 1 if valid, 0 if not
+*/  
+int ltc_ecc_is_valid_idx(int n)
+{
+   int x;
+
+   for (x = 0; ltc_ecc_sets[x].size != 0; x++);
+   /* -1 is a valid index --- indicating that the domain params were supplied by the user */
+   if ((n >= -1) || (n < x)) {
+      return 1;
+   }
+   return 0;
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_is_valid_idx.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/11/21 00:10:18 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_map.c b/libtomcrypt/src/pk/ecc/ltc_ecc_map.c
new file mode 100644
index 0000000..eec28b3
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_map.c
@@ -0,0 +1,76 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_map.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+  Map a projective jacbobian point back to affine space
+  @param P        [in/out] The point to map
+  @param modulus  The modulus of the field the ECC curve is in
+  @param mp       The "b" value from montgomery_setup()
+  @return CRYPT_OK on success
+*/
+int ltc_ecc_map(ecc_point *P, void *modulus, void *mp)
+{
+   void *t1, *t2;
+   int   err;
+
+   LTC_ARGCHK(P       != NULL);
+   LTC_ARGCHK(modulus != NULL);
+   LTC_ARGCHK(mp      != NULL);
+
+   if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) {
+      return CRYPT_MEM;
+   }
+
+   /* first map z back to normal */
+   if ((err = mp_montgomery_reduce(P->z, modulus, mp)) != CRYPT_OK)           { goto done; }
+
+   /* get 1/z */
+   if ((err = mp_invmod(P->z, modulus, t1)) != CRYPT_OK)                      { goto done; }
+ 
+   /* get 1/z^2 and 1/z^3 */
+   if ((err = mp_sqr(t1, t2)) != CRYPT_OK)                                    { goto done; }
+   if ((err = mp_mod(t2, modulus, t2)) != CRYPT_OK)                           { goto done; }
+   if ((err = mp_mul(t1, t2, t1)) != CRYPT_OK)                                { goto done; }
+   if ((err = mp_mod(t1, modulus, t1)) != CRYPT_OK)                           { goto done; }
+
+   /* multiply against x/y */
+   if ((err = mp_mul(P->x, t2, P->x)) != CRYPT_OK)                            { goto done; }
+   if ((err = mp_montgomery_reduce(P->x, modulus, mp)) != CRYPT_OK)           { goto done; }
+   if ((err = mp_mul(P->y, t1, P->y)) != CRYPT_OK)                            { goto done; }
+   if ((err = mp_montgomery_reduce(P->y, modulus, mp)) != CRYPT_OK)           { goto done; }
+   if ((err = mp_set(P->z, 1)) != CRYPT_OK)                                   { goto done; }
+
+   err = CRYPT_OK;
+done:
+   mp_clear_multi(t1, t2, NULL);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_map.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/12/04 02:50:11 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_mul2add.c b/libtomcrypt/src/pk/ecc/ltc_ecc_mul2add.c
new file mode 100644
index 0000000..ac1c24f
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_mul2add.c
@@ -0,0 +1,207 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_mul2add.c
+  ECC Crypto, Shamir's Trick, Tom St Denis
+*/  
+
+#ifdef MECC
+
+#ifdef LTC_ECC_SHAMIR
+
+/** Computes kA*A + kB*B = C using Shamir's Trick
+  @param A        First point to multiply
+  @param kA       What to multiple A by
+  @param B        Second point to multiply
+  @param kB       What to multiple B by
+  @param C        [out] Destination point (can overlap with A or B
+  @param modulus  Modulus for curve 
+  @return CRYPT_OK on success
+*/ 
+int ltc_ecc_mul2add(ecc_point *A, void *kA,
+                    ecc_point *B, void *kB,
+                    ecc_point *C,
+                         void *modulus)
+{
+  ecc_point     *precomp[16];
+  unsigned       bitbufA, bitbufB, lenA, lenB, len, x, y, nA, nB, nibble;
+  unsigned char *tA, *tB;
+  int            err, first;
+  void          *mp, *mu;
+ 
+  /* argchks */
+  LTC_ARGCHK(A       != NULL);
+  LTC_ARGCHK(B       != NULL);
+  LTC_ARGCHK(C       != NULL);
+  LTC_ARGCHK(kA      != NULL);
+  LTC_ARGCHK(kB      != NULL);
+  LTC_ARGCHK(modulus != NULL);
+
+  /* allocate memory */
+  tA = XCALLOC(1, ECC_BUF_SIZE);
+  if (tA == NULL) {
+     return CRYPT_MEM;
+  }
+  tB = XCALLOC(1, ECC_BUF_SIZE);
+  if (tB == NULL) {
+     XFREE(tA);
+     return CRYPT_MEM;
+  }
+
+  /* get sizes */
+  lenA = mp_unsigned_bin_size(kA);
+  lenB = mp_unsigned_bin_size(kB);
+  len  = MAX(lenA, lenB);
+
+  /* sanity check */
+  if ((lenA > ECC_BUF_SIZE) || (lenB > ECC_BUF_SIZE)) {
+     err = CRYPT_INVALID_ARG;
+     goto ERR_T;
+  }
+
+  /* extract and justify kA */
+  mp_to_unsigned_bin(kA, (len - lenA) + tA);
+
+  /* extract and justify kB */
+  mp_to_unsigned_bin(kB, (len - lenB) + tB);
+
+  /* allocate the table */
+  for (x = 0; x < 16; x++) {
+     precomp[x] = ltc_ecc_new_point();
+     if (precomp[x] == NULL) {
+         for (y = 0; y < x; ++y) {
+            ltc_ecc_del_point(precomp[y]);
+         }
+         err = CRYPT_MEM;
+         goto ERR_T;
+     }
+  }
+
+   /* init montgomery reduction */
+   if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
+      goto ERR_P;
+   }
+   if ((err = mp_init(&mu)) != CRYPT_OK) {
+      goto ERR_MP;
+   }
+   if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
+      goto ERR_MU;
+   }
+
+  /* copy ones ... */
+  if ((err = mp_mulmod(A->x, mu, modulus, precomp[1]->x)) != CRYPT_OK)                                         { goto ERR_MU; }
+  if ((err = mp_mulmod(A->y, mu, modulus, precomp[1]->y)) != CRYPT_OK)                                         { goto ERR_MU; }
+  if ((err = mp_mulmod(A->z, mu, modulus, precomp[1]->z)) != CRYPT_OK)                                         { goto ERR_MU; }
+
+  if ((err = mp_mulmod(B->x, mu, modulus, precomp[1<<2]->x)) != CRYPT_OK)                                      { goto ERR_MU; }
+  if ((err = mp_mulmod(B->y, mu, modulus, precomp[1<<2]->y)) != CRYPT_OK)                                      { goto ERR_MU; }
+  if ((err = mp_mulmod(B->z, mu, modulus, precomp[1<<2]->z)) != CRYPT_OK)                                      { goto ERR_MU; }
+
+  /* precomp [i,0](A + B) table */
+  if ((err = ltc_mp.ecc_ptdbl(precomp[1], precomp[2], modulus, mp)) != CRYPT_OK)                               { goto ERR_MU; }
+  if ((err = ltc_mp.ecc_ptadd(precomp[1], precomp[2], precomp[3], modulus, mp)) != CRYPT_OK)                   { goto ERR_MU; }
+
+  /* precomp [0,i](A + B) table */
+  if ((err = ltc_mp.ecc_ptdbl(precomp[1<<2], precomp[2<<2], modulus, mp)) != CRYPT_OK)                         { goto ERR_MU; }
+  if ((err = ltc_mp.ecc_ptadd(precomp[1<<2], precomp[2<<2], precomp[3<<2], modulus, mp)) != CRYPT_OK)          { goto ERR_MU; }
+
+  /* precomp [i,j](A + B) table (i != 0, j != 0) */
+  for (x = 1; x < 4; x++) {
+     for (y = 1; y < 4; y++) {
+        if ((err = ltc_mp.ecc_ptadd(precomp[x], precomp[(y<<2)], precomp[x+(y<<2)], modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
+     }
+  }   
+
+  nibble  = 3;
+  first   = 1;
+  bitbufA = tA[0];
+  bitbufB = tB[0];
+
+  /* for every byte of the multiplicands */
+  for (x = -1;; ) {
+     /* grab a nibble */
+     if (++nibble == 4) {
+        ++x; if (x == len) break;
+        bitbufA = tA[x];
+        bitbufB = tB[x];
+        nibble  = 0;
+     }
+
+     /* extract two bits from both, shift/update */
+     nA = (bitbufA >> 6) & 0x03;
+     nB = (bitbufB >> 6) & 0x03;
+     bitbufA = (bitbufA << 2) & 0xFF;   
+     bitbufB = (bitbufB << 2) & 0xFF;   
+
+     /* if both zero, if first, continue */
+     if ((nA == 0) && (nB == 0) && (first == 1)) {
+        continue;
+     }
+
+     /* double twice, only if this isn't the first */
+     if (first == 0) {
+        /* double twice */
+        if ((err = ltc_mp.ecc_ptdbl(C, C, modulus, mp)) != CRYPT_OK)                  { goto ERR_MU; }
+        if ((err = ltc_mp.ecc_ptdbl(C, C, modulus, mp)) != CRYPT_OK)                  { goto ERR_MU; }
+     }
+
+     /* if not both zero */
+     if ((nA != 0) || (nB != 0)) {
+        if (first == 1) {
+           /* if first, copy from table */
+           first = 0;
+           if ((err = mp_copy(precomp[nA + (nB<<2)]->x, C->x)) != CRYPT_OK)           { goto ERR_MU; }
+           if ((err = mp_copy(precomp[nA + (nB<<2)]->y, C->y)) != CRYPT_OK)           { goto ERR_MU; }
+           if ((err = mp_copy(precomp[nA + (nB<<2)]->z, C->z)) != CRYPT_OK)           { goto ERR_MU; }
+        } else {
+           /* if not first, add from table */
+           if ((err = ltc_mp.ecc_ptadd(C, precomp[nA + (nB<<2)], C, modulus, mp)) != CRYPT_OK) { goto ERR_MU; }
+        }
+     }
+  }
+
+  /* reduce to affine */
+  err = ltc_ecc_map(C, modulus, mp);
+
+  /* clean up */
+ERR_MU:
+   mp_clear(mu);
+ERR_MP:
+   mp_montgomery_free(mp);
+ERR_P:
+   for (x = 0; x < 16; x++) {
+       ltc_ecc_del_point(precomp[x]);
+   }
+ERR_T:
+#ifdef LTC_CLEAN_STACK
+   zeromem(tA, ECC_BUF_SIZE);
+   zeromem(tB, ECC_BUF_SIZE);
+#endif
+   XFREE(tA);
+   XFREE(tB);
+
+   return err;
+}
+
+#endif
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mul2add.c,v $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/12/04 05:07:59 $ */
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod.c b/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod.c
new file mode 100644
index 0000000..0e4c92b
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod.c
@@ -0,0 +1,222 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_mulmod.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+#ifndef LTC_ECC_TIMING_RESISTANT
+
+/* size of sliding window, don't change this! */
+#define WINSIZE 4
+
+/**
+   Perform a point multiplication 
+   @param k    The scalar to multiply by
+   @param G    The base point
+   @param R    [out] Destination for kG
+   @param modulus  The modulus of the field the ECC curve is in
+   @param map      Boolean whether to map back to affine or not (1==map, 0 == leave in projective)
+   @return CRYPT_OK on success
+*/
+int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
+{
+   ecc_point *tG, *M[8];
+   int        i, j, err;
+   void       *mu, *mp;
+   unsigned long buf;
+   int        first, bitbuf, bitcpy, bitcnt, mode, digidx;
+
+   LTC_ARGCHK(k       != NULL);
+   LTC_ARGCHK(G       != NULL);
+   LTC_ARGCHK(R       != NULL);
+   LTC_ARGCHK(modulus != NULL);
+
+   /* init montgomery reduction */
+   if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
+      return err;
+   }
+   if ((err = mp_init(&mu)) != CRYPT_OK) {
+      mp_montgomery_free(mp);
+      return err;
+   }
+   if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
+      mp_montgomery_free(mp);
+      mp_clear(mu);
+      return err;
+   }
+  
+  /* alloc ram for window temps */
+  for (i = 0; i < 8; i++) {
+      M[i] = ltc_ecc_new_point();
+      if (M[i] == NULL) {
+         for (j = 0; j < i; j++) {
+             ltc_ecc_del_point(M[j]);
+         }
+         mp_montgomery_free(mp);
+         mp_clear(mu);
+         return CRYPT_MEM;
+      }
+  }
+
+   /* make a copy of G incase R==G */
+   tG = ltc_ecc_new_point();
+   if (tG == NULL)                                                                   { err = CRYPT_MEM; goto done; }
+
+   /* tG = G  and convert to montgomery */
+   if (mp_cmp_d(mu, 1) == LTC_MP_EQ) {
+      if ((err = mp_copy(G->x, tG->x)) != CRYPT_OK)                                  { goto done; }
+      if ((err = mp_copy(G->y, tG->y)) != CRYPT_OK)                                  { goto done; }
+      if ((err = mp_copy(G->z, tG->z)) != CRYPT_OK)                                  { goto done; }
+   } else {      
+      if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK)                   { goto done; }
+      if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK)                   { goto done; }
+      if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK)                   { goto done; }
+   }
+   mp_clear(mu);
+   mu = NULL;
+   
+   /* calc the M tab, which holds kG for k==8..15 */
+   /* M[0] == 8G */
+   if ((err = ltc_mp.ecc_ptdbl(tG, M[0], modulus, mp)) != CRYPT_OK)                 { goto done; }
+   if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK)               { goto done; }
+   if ((err = ltc_mp.ecc_ptdbl(M[0], M[0], modulus, mp)) != CRYPT_OK)               { goto done; }
+
+   /* now find (8+k)G for k=1..7 */
+   for (j = 9; j < 16; j++) {
+       if ((err = ltc_mp.ecc_ptadd(M[j-9], tG, M[j-8], modulus, mp)) != CRYPT_OK)   { goto done; }
+   }
+
+   /* setup sliding window */
+   mode   = 0;
+   bitcnt = 1;
+   buf    = 0;
+   digidx = mp_get_digit_count(k) - 1;
+   bitcpy = bitbuf = 0;
+   first  = 1;
+
+   /* perform ops */
+   for (;;) {
+     /* grab next digit as required */
+     if (--bitcnt == 0) {
+       if (digidx == -1) {
+          break;
+       }
+       buf    = mp_get_digit(k, digidx);
+       bitcnt = (int) ltc_mp.bits_per_digit;
+       --digidx;
+     }
+
+     /* grab the next msb from the ltiplicand */
+     i = (buf >> (ltc_mp.bits_per_digit - 1)) & 1;
+     buf <<= 1;
+
+     /* skip leading zero bits */
+     if (mode == 0 && i == 0) {
+        continue;
+     }
+
+     /* if the bit is zero and mode == 1 then we double */
+     if (mode == 1 && i == 0) {
+        if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK)                 { goto done; }
+        continue;
+     }
+
+     /* else we add it to the window */
+     bitbuf |= (i << (WINSIZE - ++bitcpy));
+     mode = 2;
+
+     if (bitcpy == WINSIZE) {
+       /* if this is the first window we do a simple copy */
+       if (first == 1) {
+          /* R = kG [k = first window] */
+          if ((err = mp_copy(M[bitbuf-8]->x, R->x)) != CRYPT_OK)                     { goto done; }
+          if ((err = mp_copy(M[bitbuf-8]->y, R->y)) != CRYPT_OK)                     { goto done; }
+          if ((err = mp_copy(M[bitbuf-8]->z, R->z)) != CRYPT_OK)                     { goto done; }
+          first = 0;
+       } else {
+         /* normal window */
+         /* ok window is filled so double as required and add  */
+         /* double first */
+         for (j = 0; j < WINSIZE; j++) {
+           if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK)              { goto done; }
+         }
+
+         /* then add, bitbuf will be 8..15 [8..2^WINSIZE] guaranteed */
+         if ((err = ltc_mp.ecc_ptadd(R, M[bitbuf-8], R, modulus, mp)) != CRYPT_OK)   { goto done; }
+       }
+       /* empty window and reset */
+       bitcpy = bitbuf = 0;
+       mode = 1;
+    }
+  }
+
+   /* if bits remain then double/add */
+   if (mode == 2 && bitcpy > 0) {
+     /* double then add */
+     for (j = 0; j < bitcpy; j++) {
+       /* only double if we have had at least one add first */
+       if (first == 0) {
+          if ((err = ltc_mp.ecc_ptdbl(R, R, modulus, mp)) != CRYPT_OK)              { goto done; }
+       }
+
+       bitbuf <<= 1;
+       if ((bitbuf & (1 << WINSIZE)) != 0) {
+         if (first == 1){
+            /* first add, so copy */
+            if ((err = mp_copy(tG->x, R->x)) != CRYPT_OK)                           { goto done; }
+            if ((err = mp_copy(tG->y, R->y)) != CRYPT_OK)                           { goto done; }
+            if ((err = mp_copy(tG->z, R->z)) != CRYPT_OK)                           { goto done; }
+            first = 0;
+         } else {
+            /* then add */
+            if ((err = ltc_mp.ecc_ptadd(R, tG, R, modulus, mp)) != CRYPT_OK)        { goto done; }
+         }
+       }
+     }
+   }
+
+   /* map R back from projective space */
+   if (map) {
+      err = ltc_ecc_map(R, modulus, mp);
+   } else {
+      err = CRYPT_OK;
+   }
+done:
+   if (mu != NULL) {
+      mp_clear(mu);
+   }
+   mp_montgomery_free(mp);
+   ltc_ecc_del_point(tG);
+   for (i = 0; i < 8; i++) {
+       ltc_ecc_del_point(M[i]);
+   }
+   return err;
+}
+
+#endif
+
+#undef WINSIZE
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod.c,v $ */
+/* $Revision: 1.24 $ */
+/* $Date: 2006/12/04 05:07:59 $ */
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c b/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c
new file mode 100644
index 0000000..b94a50c
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c
@@ -0,0 +1,167 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_mulmod_timing.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+#ifdef LTC_ECC_TIMING_RESISTANT
+
+/**
+   Perform a point multiplication  (timing resistant)
+   @param k    The scalar to multiply by
+   @param G    The base point
+   @param R    [out] Destination for kG
+   @param modulus  The modulus of the field the ECC curve is in
+   @param map      Boolean whether to map back to affine or not (1==map, 0 == leave in projective)
+   @return CRYPT_OK on success
+*/
+int ltc_ecc_mulmod(void *k, ecc_point *G, ecc_point *R, void *modulus, int map)
+{
+   ecc_point *tG, *M[3];
+   int        i, j, err;
+   void       *mu, *mp;
+   unsigned long buf;
+   int        first, bitbuf, bitcpy, bitcnt, mode, digidx;
+
+   LTC_ARGCHK(k       != NULL);
+   LTC_ARGCHK(G       != NULL);
+   LTC_ARGCHK(R       != NULL);
+   LTC_ARGCHK(modulus != NULL);
+
+   /* init montgomery reduction */
+   if ((err = mp_montgomery_setup(modulus, &mp)) != CRYPT_OK) {
+      return err;
+   }
+   if ((err = mp_init(&mu)) != CRYPT_OK) {
+      mp_montgomery_free(mp);
+      return err;
+   }
+   if ((err = mp_montgomery_normalization(mu, modulus)) != CRYPT_OK) {
+      mp_clear(mu);
+      mp_montgomery_free(mp);
+      return err;
+   }
+
+  /* alloc ram for window temps */
+  for (i = 0; i < 3; i++) {
+      M[i] = ltc_ecc_new_point();
+      if (M[i] == NULL) {
+         for (j = 0; j < i; j++) {
+             ltc_ecc_del_point(M[j]);
+         }
+         mp_clear(mu);
+         mp_montgomery_free(mp);
+         return CRYPT_MEM;
+      }
+  }
+
+   /* make a copy of G incase R==G */
+   tG = ltc_ecc_new_point();
+   if (tG == NULL)                                                                   { err = CRYPT_MEM; goto done; }
+
+   /* tG = G  and convert to montgomery */
+   if ((err = mp_mulmod(G->x, mu, modulus, tG->x)) != CRYPT_OK)                      { goto done; }
+   if ((err = mp_mulmod(G->y, mu, modulus, tG->y)) != CRYPT_OK)                      { goto done; }
+   if ((err = mp_mulmod(G->z, mu, modulus, tG->z)) != CRYPT_OK)                      { goto done; }
+   mp_clear(mu);
+   mu = NULL;
+   
+   /* calc the M tab */
+   /* M[0] == G */
+   if ((err = mp_copy(tG->x, M[0]->x)) != CRYPT_OK)                                  { goto done; }
+   if ((err = mp_copy(tG->y, M[0]->y)) != CRYPT_OK)                                  { goto done; }
+   if ((err = mp_copy(tG->z, M[0]->z)) != CRYPT_OK)                                  { goto done; }
+   /* M[1] == 2G */
+   if ((err = ltc_mp.ecc_ptdbl(tG, M[1], modulus, mp)) != CRYPT_OK)                  { goto done; }
+
+   /* setup sliding window */
+   mode   = 0;
+   bitcnt = 1;
+   buf    = 0;
+   digidx = mp_get_digit_count(k) - 1;
+   bitcpy = bitbuf = 0;
+   first  = 1;
+
+   /* perform ops */
+   for (;;) {
+     /* grab next digit as required */
+      if (--bitcnt == 0) {
+         if (digidx == -1) {
+            break;
+         }
+         buf    = mp_get_digit(k, digidx);
+         bitcnt = (int) MP_DIGIT_BIT;
+         --digidx;
+      }
+
+      /* grab the next msb from the ltiplicand */
+      i = (buf >> (MP_DIGIT_BIT - 1)) & 1;
+      buf <<= 1;
+
+      if (mode == 0 && i == 0) {
+         /* dummy operations */
+         if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[2], modulus, mp)) != CRYPT_OK)    { goto done; }
+         if ((err = ltc_mp.ecc_ptdbl(M[1], M[2], modulus, mp)) != CRYPT_OK)          { goto done; }
+         continue;
+      }
+
+      if (mode == 0 && i == 1) {
+         mode = 1;
+         /* dummy operations */
+         if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[2], modulus, mp)) != CRYPT_OK)    { goto done; }
+         if ((err = ltc_mp.ecc_ptdbl(M[1], M[2], modulus, mp)) != CRYPT_OK)          { goto done; }
+         continue;
+      }
+
+      if ((err = ltc_mp.ecc_ptadd(M[0], M[1], M[i^1], modulus, mp)) != CRYPT_OK)     { goto done; }
+      if ((err = ltc_mp.ecc_ptdbl(M[i], M[i], modulus, mp)) != CRYPT_OK)             { goto done; }
+   }
+
+   /* copy result out */
+   if ((err = mp_copy(M[0]->x, R->x)) != CRYPT_OK)                                   { goto done; }
+   if ((err = mp_copy(M[0]->y, R->y)) != CRYPT_OK)                                   { goto done; }
+   if ((err = mp_copy(M[0]->z, R->z)) != CRYPT_OK)                                   { goto done; }
+
+   /* map R back from projective space */
+   if (map) {
+      err = ltc_ecc_map(R, modulus, mp);
+   } else {
+      err = CRYPT_OK;
+   }
+done:
+   if (mu != NULL) {
+      mp_clear(mu);
+   }
+   mp_montgomery_free(mp);
+   ltc_ecc_del_point(tG);
+   for (i = 0; i < 3; i++) {
+       ltc_ecc_del_point(M[i]);
+   }
+   return err;
+}
+
+#endif
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_mulmod_timing.c,v $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/12/04 22:17:46 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_points.c b/libtomcrypt/src/pk/ecc/ltc_ecc_points.c
new file mode 100644
index 0000000..39f1321
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_points.c
@@ -0,0 +1,60 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_points.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#ifdef MECC
+
+/**
+   Allocate a new ECC point
+   @return A newly allocated point or NULL on error 
+*/
+ecc_point *ltc_ecc_new_point(void)
+{
+   ecc_point *p;
+   p = XCALLOC(1, sizeof(*p));
+   if (p == NULL) {
+      return NULL;
+   }
+   if (mp_init_multi(&p->x, &p->y, &p->z, NULL) != CRYPT_OK) {
+      XFREE(p);
+      return NULL;
+   }
+   return p;
+}
+
+/** Free an ECC point from memory
+  @param p   The point to free
+*/
+void ltc_ecc_del_point(ecc_point *p)
+{
+   /* prevents free'ing null arguments */
+   if (p != NULL) {
+      mp_clear_multi(p->x, p->y, p->z, NULL); /* note: p->z may be NULL but that's ok with this function anyways */
+      XFREE(p);
+   }
+}
+
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_points.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/12/04 02:19:48 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_projective_add_point.c b/libtomcrypt/src/pk/ecc/ltc_ecc_projective_add_point.c
new file mode 100644
index 0000000..c8e359f
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_projective_add_point.c
@@ -0,0 +1,196 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_projective_add_point.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#if defined(MECC) && (!defined(MECC_ACCEL) || defined(LTM_DESC))
+
+/**
+   Add two ECC points
+   @param P        The point to add
+   @param Q        The point to add
+   @param R        [out] The destination of the double
+   @param modulus  The modulus of the field the ECC curve is in
+   @param mp       The "b" value from montgomery_setup()
+   @return CRYPT_OK on success
+*/
+int ltc_ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, void *modulus, void *mp)
+{
+   void  *t1, *t2, *x, *y, *z;
+   int    err;
+
+   LTC_ARGCHK(P       != NULL);
+   LTC_ARGCHK(Q       != NULL);
+   LTC_ARGCHK(R       != NULL);
+   LTC_ARGCHK(modulus != NULL);
+   LTC_ARGCHK(mp      != NULL);
+
+   if ((err = mp_init_multi(&t1, &t2, &x, &y, &z, NULL)) != CRYPT_OK) {
+      return err;
+   }
+   
+   /* should we dbl instead? */
+   if ((err = mp_sub(modulus, Q->y, t1)) != CRYPT_OK)                          { goto done; }
+
+   if ( (mp_cmp(P->x, Q->x) == LTC_MP_EQ) && 
+        (Q->z != NULL && mp_cmp(P->z, Q->z) == LTC_MP_EQ) &&
+        (mp_cmp(P->y, Q->y) == LTC_MP_EQ || mp_cmp(P->y, t1) == LTC_MP_EQ)) {
+        mp_clear_multi(t1, t2, x, y, z, NULL);
+        return ltc_ecc_projective_dbl_point(P, R, modulus, mp);
+   }
+
+   if ((err = mp_copy(P->x, x)) != CRYPT_OK)                                   { goto done; }
+   if ((err = mp_copy(P->y, y)) != CRYPT_OK)                                   { goto done; }
+   if ((err = mp_copy(P->z, z)) != CRYPT_OK)                                   { goto done; }
+
+   /* if Z is one then these are no-operations */
+   if (Q->z != NULL) {
+      /* T1 = Z' * Z' */
+      if ((err = mp_sqr(Q->z, t1)) != CRYPT_OK)                                { goto done; }
+      if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK)           { goto done; }
+      /* X = X * T1 */
+      if ((err = mp_mul(t1, x, x)) != CRYPT_OK)                                { goto done; }
+      if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK)            { goto done; }
+      /* T1 = Z' * T1 */
+      if ((err = mp_mul(Q->z, t1, t1)) != CRYPT_OK)                            { goto done; }
+      if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK)           { goto done; }
+      /* Y = Y * T1 */
+      if ((err = mp_mul(t1, y, y)) != CRYPT_OK)                                { goto done; }
+      if ((err = mp_montgomery_reduce(y, modulus, mp)) != CRYPT_OK)            { goto done; }
+   }
+
+   /* T1 = Z*Z */
+   if ((err = mp_sqr(z, t1)) != CRYPT_OK)                                      { goto done; }
+   if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK)              { goto done; }
+   /* T2 = X' * T1 */
+   if ((err = mp_mul(Q->x, t1, t2)) != CRYPT_OK)                               { goto done; }
+   if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK)              { goto done; }
+   /* T1 = Z * T1 */
+   if ((err = mp_mul(z, t1, t1)) != CRYPT_OK)                                  { goto done; }
+   if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK)              { goto done; }
+   /* T1 = Y' * T1 */
+   if ((err = mp_mul(Q->y, t1, t1)) != CRYPT_OK)                               { goto done; }
+   if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK)              { goto done; }
+
+   /* Y = Y - T1 */
+   if ((err = mp_sub(y, t1, y)) != CRYPT_OK)                                   { goto done; }
+   if (mp_cmp_d(y, 0) == LTC_MP_LT) {
+      if ((err = mp_add(y, modulus, y)) != CRYPT_OK)                           { goto done; }
+   }
+   /* T1 = 2T1 */
+   if ((err = mp_add(t1, t1, t1)) != CRYPT_OK)                                 { goto done; }
+   if (mp_cmp(t1, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK)                         { goto done; }
+   }
+   /* T1 = Y + T1 */
+   if ((err = mp_add(t1, y, t1)) != CRYPT_OK)                                  { goto done; }
+   if (mp_cmp(t1, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK)                         { goto done; }
+   }
+   /* X = X - T2 */
+   if ((err = mp_sub(x, t2, x)) != CRYPT_OK)                                   { goto done; }
+   if (mp_cmp_d(x, 0) == LTC_MP_LT) {
+      if ((err = mp_add(x, modulus, x)) != CRYPT_OK)                           { goto done; }
+   }
+   /* T2 = 2T2 */
+   if ((err = mp_add(t2, t2, t2)) != CRYPT_OK)                                 { goto done; }
+   if (mp_cmp(t2, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(t2, modulus, t2)) != CRYPT_OK)                         { goto done; }
+   }
+   /* T2 = X + T2 */
+   if ((err = mp_add(t2, x, t2)) != CRYPT_OK)                                  { goto done; }
+   if (mp_cmp(t2, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(t2, modulus, t2)) != CRYPT_OK)                         { goto done; }
+   }
+
+   /* if Z' != 1 */
+   if (Q->z != NULL) {
+      /* Z = Z * Z' */
+      if ((err = mp_mul(z, Q->z, z)) != CRYPT_OK)                              { goto done; }
+      if ((err = mp_montgomery_reduce(z, modulus, mp)) != CRYPT_OK)            { goto done; }
+   }
+
+   /* Z = Z * X */
+   if ((err = mp_mul(z, x, z)) != CRYPT_OK)                                    { goto done; }
+   if ((err = mp_montgomery_reduce(z, modulus, mp)) != CRYPT_OK)               { goto done; }
+
+   /* T1 = T1 * X  */
+   if ((err = mp_mul(t1, x, t1)) != CRYPT_OK)                                  { goto done; }
+   if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK)              { goto done; }
+   /* X = X * X */
+   if ((err = mp_sqr(x, x)) != CRYPT_OK)                                       { goto done; }
+   if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK)               { goto done; }
+   /* T2 = T2 * x */
+   if ((err = mp_mul(t2, x, t2)) != CRYPT_OK)                                  { goto done; }
+   if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK)              { goto done; }
+   /* T1 = T1 * X  */
+   if ((err = mp_mul(t1, x, t1)) != CRYPT_OK)                                  { goto done; }
+   if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK)              { goto done; }
+ 
+   /* X = Y*Y */
+   if ((err = mp_sqr(y, x)) != CRYPT_OK)                                       { goto done; }
+   if ((err = mp_montgomery_reduce(x, modulus, mp)) != CRYPT_OK)               { goto done; }
+   /* X = X - T2 */
+   if ((err = mp_sub(x, t2, x)) != CRYPT_OK)                                   { goto done; }
+   if (mp_cmp_d(x, 0) == LTC_MP_LT) {
+      if ((err = mp_add(x, modulus, x)) != CRYPT_OK)                           { goto done; }
+   }
+
+   /* T2 = T2 - X */
+   if ((err = mp_sub(t2, x, t2)) != CRYPT_OK)                                  { goto done; }
+   if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
+      if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK)                         { goto done; }
+   } 
+   /* T2 = T2 - X */
+   if ((err = mp_sub(t2, x, t2)) != CRYPT_OK)                                  { goto done; }
+   if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
+      if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK)                         { goto done; }
+   }
+   /* T2 = T2 * Y */
+   if ((err = mp_mul(t2, y, t2)) != CRYPT_OK)                                  { goto done; }
+   if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK)              { goto done; }
+   /* Y = T2 - T1 */
+   if ((err = mp_sub(t2, t1, y)) != CRYPT_OK)                                  { goto done; }
+   if (mp_cmp_d(y, 0) == LTC_MP_LT) {
+      if ((err = mp_add(y, modulus, y)) != CRYPT_OK)                           { goto done; }
+   }
+   /* Y = Y/2 */
+   if (mp_isodd(y)) {
+      if ((err = mp_add(y, modulus, y)) != CRYPT_OK)                           { goto done; }
+   }
+   if ((err = mp_div_2(y, y)) != CRYPT_OK)                                     { goto done; }
+
+   if ((err = mp_copy(x, R->x)) != CRYPT_OK)                                   { goto done; }
+   if ((err = mp_copy(y, R->y)) != CRYPT_OK)                                   { goto done; }
+   if ((err = mp_copy(z, R->z)) != CRYPT_OK)                                   { goto done; }
+
+   err = CRYPT_OK;
+done:
+   mp_clear_multi(t1, t2, x, y, z, NULL);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_projective_add_point.c,v $ */
+/* $Revision: 1.13 $ */
+/* $Date: 2006/12/04 05:07:59 $ */
+
diff --git a/libtomcrypt/src/pk/ecc/ltc_ecc_projective_dbl_point.c b/libtomcrypt/src/pk/ecc/ltc_ecc_projective_dbl_point.c
new file mode 100644
index 0000000..f0b3e1d
--- /dev/null
+++ b/libtomcrypt/src/pk/ecc/ltc_ecc_projective_dbl_point.c
@@ -0,0 +1,147 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+
+/* Implements ECC over Z/pZ for curve y^2 = x^3 - 3x + b
+ *
+ * All curves taken from NIST recommendation paper of July 1999
+ * Available at http://csrc.nist.gov/cryptval/dss.htm
+ */
+#include "tomcrypt.h"
+
+/**
+  @file ltc_ecc_projective_dbl_point.c
+  ECC Crypto, Tom St Denis
+*/  
+
+#if defined(MECC) && (!defined(MECC_ACCEL) || defined(LTM_DESC))
+
+/**
+   Double an ECC point
+   @param P   The point to double
+   @param R   [out] The destination of the double
+   @param modulus  The modulus of the field the ECC curve is in
+   @param mp       The "b" value from montgomery_setup()
+   @return CRYPT_OK on success
+*/
+int ltc_ecc_projective_dbl_point(ecc_point *P, ecc_point *R, void *modulus, void *mp)
+{
+   void *t1, *t2;
+   int   err;
+
+   LTC_ARGCHK(P       != NULL);
+   LTC_ARGCHK(R       != NULL);
+   LTC_ARGCHK(modulus != NULL);
+   LTC_ARGCHK(mp      != NULL);
+
+   if ((err = mp_init_multi(&t1, &t2, NULL)) != CRYPT_OK) {
+      return err;
+   }
+
+   if (P != R) {
+      if ((err = mp_copy(P->x, R->x)) != CRYPT_OK)                                { goto done; }
+      if ((err = mp_copy(P->y, R->y)) != CRYPT_OK)                                { goto done; }
+      if ((err = mp_copy(P->z, R->z)) != CRYPT_OK)                                { goto done; }
+   }
+
+   /* t1 = Z * Z */
+   if ((err = mp_sqr(R->z, t1)) != CRYPT_OK)                                      { goto done; }
+   if ((err = mp_montgomery_reduce(t1, modulus, mp)) != CRYPT_OK)                 { goto done; }
+   /* Z = Y * Z */
+   if ((err = mp_mul(R->z, R->y, R->z)) != CRYPT_OK)                              { goto done; }
+   if ((err = mp_montgomery_reduce(R->z, modulus, mp)) != CRYPT_OK)               { goto done; }
+   /* Z = 2Z */
+   if ((err = mp_add(R->z, R->z, R->z)) != CRYPT_OK)                              { goto done; }
+   if (mp_cmp(R->z, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(R->z, modulus, R->z)) != CRYPT_OK)                        { goto done; }
+   }
+   
+   /* T2 = X - T1 */
+   if ((err = mp_sub(R->x, t1, t2)) != CRYPT_OK)                                  { goto done; }
+   if (mp_cmp_d(t2, 0) == LTC_MP_LT) {
+      if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK)                            { goto done; }
+   }
+   /* T1 = X + T1 */
+   if ((err = mp_add(t1, R->x, t1)) != CRYPT_OK)                                  { goto done; }
+   if (mp_cmp(t1, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK)                            { goto done; }
+   }
+   /* T2 = T1 * T2 */
+   if ((err = mp_mul(t1, t2, t2)) != CRYPT_OK)                                    { goto done; }
+   if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK)                 { goto done; }
+   /* T1 = 2T2 */
+   if ((err = mp_add(t2, t2, t1)) != CRYPT_OK)                                    { goto done; }
+   if (mp_cmp(t1, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK)                            { goto done; }
+   }
+   /* T1 = T1 + T2 */
+   if ((err = mp_add(t1, t2, t1)) != CRYPT_OK)                                    { goto done; }
+   if (mp_cmp(t1, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(t1, modulus, t1)) != CRYPT_OK)                            { goto done; }
+   }
+
+   /* Y = 2Y */
+   if ((err = mp_add(R->y, R->y, R->y)) != CRYPT_OK)                              { goto done; }
+   if (mp_cmp(R->y, modulus) != LTC_MP_LT) {
+      if ((err = mp_sub(R->y, modulus, R->y)) != CRYPT_OK)                        { goto done; }
+   }
+   /* Y = Y * Y */
+   if ((err = mp_sqr(R->y, R->y)) != CRYPT_OK)                                    { goto done; }
+   if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK)               { goto done; }
+   /* T2 = Y * Y */
+   if ((err = mp_sqr(R->y, t2)) != CRYPT_OK)                                      { goto done; }
+   if ((err = mp_montgomery_reduce(t2, modulus, mp)) != CRYPT_OK)                 { goto done; }
+   /* T2 = T2/2 */
+   if (mp_isodd(t2)) {
+      if ((err = mp_add(t2, modulus, t2)) != CRYPT_OK)                            { goto done; }
+   }
+   if ((err = mp_div_2(t2, t2)) != CRYPT_OK)                                      { goto done; }
+   /* Y = Y * X */
+   if ((err = mp_mul(R->y, R->x, R->y)) != CRYPT_OK)                              { goto done; }
+   if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK)               { goto done; }
+
+   /* X  = T1 * T1 */
+   if ((err = mp_sqr(t1, R->x)) != CRYPT_OK)                                      { goto done; }
+   if ((err = mp_montgomery_reduce(R->x, modulus, mp)) != CRYPT_OK)               { goto done; }
+   /* X = X - Y */
+   if ((err = mp_sub(R->x, R->y, R->x)) != CRYPT_OK)                              { goto done; }
+   if (mp_cmp_d(R->x, 0) == LTC_MP_LT) {
+      if ((err = mp_add(R->x, modulus, R->x)) != CRYPT_OK)                        { goto done; }
+   }
+   /* X = X - Y */
+   if ((err = mp_sub(R->x, R->y, R->x)) != CRYPT_OK)                              { goto done; }
+   if (mp_cmp_d(R->x, 0) == LTC_MP_LT) {
+      if ((err = mp_add(R->x, modulus, R->x)) != CRYPT_OK)                        { goto done; }
+   }
+
+   /* Y = Y - X */     
+   if ((err = mp_sub(R->y, R->x, R->y)) != CRYPT_OK)                              { goto done; }
+   if (mp_cmp_d(R->y, 0) == LTC_MP_LT) {
+      if ((err = mp_add(R->y, modulus, R->y)) != CRYPT_OK)                        { goto done; }
+   }
+   /* Y = Y * T1 */
+   if ((err = mp_mul(R->y, t1, R->y)) != CRYPT_OK)                                { goto done; }
+   if ((err = mp_montgomery_reduce(R->y, modulus, mp)) != CRYPT_OK)               { goto done; }
+   /* Y = Y - T2 */
+   if ((err = mp_sub(R->y, t2, R->y)) != CRYPT_OK)                                { goto done; }
+   if (mp_cmp_d(R->y, 0) == LTC_MP_LT) {
+      if ((err = mp_add(R->y, modulus, R->y)) != CRYPT_OK)                        { goto done; }
+   }
+ 
+   err = CRYPT_OK;
+done:
+   mp_clear_multi(t1, t2, NULL);
+   return err;
+}
+#endif
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/ecc/ltc_ecc_projective_dbl_point.c,v $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/12/04 05:07:59 $ */
+
diff --git a/libtomcrypt/src/pk/katja/katja_decrypt_key.c b/libtomcrypt/src/pk/katja/katja_decrypt_key.c
new file mode 100644
index 0000000..1e10d6c
--- /dev/null
+++ b/libtomcrypt/src/pk/katja/katja_decrypt_key.c
@@ -0,0 +1,105 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file katja_decrypt_key.c
+  Katja PKCS #1 OAEP Decryption, Tom St Denis
+*/  
+
+#ifdef MKAT
+
+/**
+   (PKCS #1 v2.0) decrypt then OAEP depad  
+   @param in          The ciphertext
+   @param inlen       The length of the ciphertext (octets)
+   @param out         [out] The plaintext
+   @param outlen      [in/out] The max size and resulting size of the plaintext (octets)
+   @param lparam      The system "lparam" value
+   @param lparamlen   The length of the lparam value (octets)
+   @param hash_idx    The index of the hash desired
+   @param stat        [out] Result of the decryption, 1==valid, 0==invalid
+   @param key         The corresponding private Katja key
+   @return CRYPT_OK if succcessul (even if invalid)
+*/
+int katja_decrypt_key(const unsigned char *in,       unsigned long  inlen,
+                          unsigned char *out,      unsigned long *outlen, 
+                    const unsigned char *lparam,   unsigned long  lparamlen,
+                          int            hash_idx, int           *stat,
+                          katja_key       *key)
+{
+  unsigned long modulus_bitlen, modulus_bytelen, x;
+  int           err;
+  unsigned char *tmp;
+  
+  LTC_ARGCHK(out    != NULL);
+  LTC_ARGCHK(outlen != NULL);
+  LTC_ARGCHK(key    != NULL);
+  LTC_ARGCHK(stat   != NULL);
+
+  /* default to invalid */
+  *stat = 0;
+
+  /* valid hash ? */
+  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
+     return err;
+  }
+  
+  /* get modulus len in bits */
+  modulus_bitlen = mp_count_bits( (key->N));
+
+  /* payload is upto pq, so we know q is 1/3rd the size of N and therefore pq is 2/3th the size */
+ modulus_bitlen = ((modulus_bitlen << 1) / 3);
+
+  /* round down to next byte */
+  modulus_bitlen -= (modulus_bitlen & 7) + 8;
+
+  /* outlen must be at least the size of the modulus */
+  modulus_bytelen = mp_unsigned_bin_size( (key->N));
+  if (modulus_bytelen != inlen) {
+     return CRYPT_INVALID_PACKET;
+  }
+
+  /* allocate ram */
+  tmp = XMALLOC(inlen);
+  if (tmp == NULL) {
+     return CRYPT_MEM;
+  }
+
+  /* rsa decode the packet */
+  x = inlen;
+  if ((err = katja_exptmod(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
+     XFREE(tmp);
+     return err;
+  }
+
+  /* shift right by modulus_bytelen - modulus_bitlen/8  bytes */
+  for (x = 0; x < (modulus_bitlen >> 3); x++) {
+     tmp[x] = tmp[x+(modulus_bytelen-(modulus_bitlen>>3))];
+  }
+
+  /* now OAEP decode the packet */
+  err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
+                           out, outlen, stat);
+
+  XFREE(tmp);
+  return err;
+}
+
+#endif /* MRSA */
+
+
+
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_decrypt_key.c,v $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/katja/katja_encrypt_key.c b/libtomcrypt/src/pk/katja/katja_encrypt_key.c
new file mode 100644
index 0000000..ce93356
--- /dev/null
+++ b/libtomcrypt/src/pk/katja/katja_encrypt_key.c
@@ -0,0 +1,87 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file katja_encrypt_key.c
+  Katja PKCS-style OAEP encryption, Tom St Denis
+*/  
+
+#ifdef MKAT
+
+/**
+    (PKCS #1 v2.0) OAEP pad then encrypt
+    @param in          The plaintext
+    @param inlen       The length of the plaintext (octets)
+    @param out         [out] The ciphertext
+    @param outlen      [in/out] The max size and resulting size of the ciphertext
+    @param lparam      The system "lparam" for the encryption
+    @param lparamlen   The length of lparam (octets)
+    @param prng        An active PRNG
+    @param prng_idx    The index of the desired prng
+    @param hash_idx    The index of the desired hash
+    @param key         The Katja key to encrypt to
+    @return CRYPT_OK if successful
+*/    
+int katja_encrypt_key(const unsigned char *in,     unsigned long inlen,
+                          unsigned char *out,    unsigned long *outlen,
+                    const unsigned char *lparam, unsigned long lparamlen,
+                    prng_state *prng, int prng_idx, int hash_idx, katja_key *key)
+{
+  unsigned long modulus_bitlen, modulus_bytelen, x;
+  int           err;
+  
+  LTC_ARGCHK(in     != NULL);
+  LTC_ARGCHK(out    != NULL);
+  LTC_ARGCHK(outlen != NULL);
+  LTC_ARGCHK(key    != NULL);
+  
+  /* valid prng and hash ? */
+  if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
+     return err;
+  }
+  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
+     return err;
+  }
+  
+  /* get modulus len in bits */
+  modulus_bitlen = mp_count_bits((key->N));
+
+  /* payload is upto pq, so we know q is 1/3rd the size of N and therefore pq is 2/3th the size */
+  modulus_bitlen = ((modulus_bitlen << 1) / 3);
+
+  /* round down to next byte */
+  modulus_bitlen -= (modulus_bitlen & 7) + 8;
+
+  /* outlen must be at least the size of the modulus */
+  modulus_bytelen = mp_unsigned_bin_size((key->N));
+  if (modulus_bytelen > *outlen) {
+     *outlen = modulus_bytelen;
+     return CRYPT_BUFFER_OVERFLOW;
+  }
+
+  /* OAEP pad the key */
+  x = *outlen;
+  if ((err = pkcs_1_oaep_encode(in, inlen, lparam, 
+                                lparamlen, modulus_bitlen, prng, prng_idx, hash_idx, 
+                                out, &x)) != CRYPT_OK) {
+     return err;
+  }                          
+
+  /* Katja exptmod the OAEP pad */
+  return katja_exptmod(out, x, out, outlen, PK_PUBLIC, key);
+}
+
+#endif /* MRSA */
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_encrypt_key.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/katja/katja_export.c b/libtomcrypt/src/pk/katja/katja_export.c
new file mode 100644
index 0000000..9e55654
--- /dev/null
+++ b/libtomcrypt/src/pk/katja/katja_export.c
@@ -0,0 +1,75 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file katja_export.c
+  Export Katja PKCS-style keys, Tom St Denis
+*/  
+
+#ifdef MKAT
+
+/**
+    This will export either an KatjaPublicKey or KatjaPrivateKey
+    @param out       [out] Destination of the packet
+    @param outlen    [in/out] The max size and resulting size of the packet
+    @param type      The type of exported key (PK_PRIVATE or PK_PUBLIC)
+    @param key       The Katja key to export
+    @return CRYPT_OK if successful
+*/    
+int katja_export(unsigned char *out, unsigned long *outlen, int type, katja_key *key)
+{
+   int           err;
+   unsigned long zero=0;
+
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(key    != NULL);
+
+   /* type valid? */
+   if (!(key->type == PK_PRIVATE) && (type == PK_PRIVATE)) {
+      return CRYPT_PK_INVALID_TYPE;
+   }
+
+   if (type == PK_PRIVATE) {
+      /* private key */
+      /* output is 
+            Version, n, d, p, q, d mod (p-1), d mod (q - 1), 1/q mod p, pq
+       */
+      if ((err = der_encode_sequence_multi(out, outlen, 
+                          LTC_ASN1_SHORT_INTEGER, 1UL, &zero, 
+                          LTC_ASN1_INTEGER, 1UL,  key->N, 
+                          LTC_ASN1_INTEGER, 1UL,  key->d, 
+                          LTC_ASN1_INTEGER, 1UL,  key->p, 
+                          LTC_ASN1_INTEGER, 1UL,  key->q, 
+                          LTC_ASN1_INTEGER, 1UL,  key->dP,
+                          LTC_ASN1_INTEGER, 1UL,  key->dQ, 
+                          LTC_ASN1_INTEGER, 1UL,  key->qP, 
+                          LTC_ASN1_INTEGER, 1UL,  key->pq, 
+                          LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
+         return err;
+      }
+ 
+      /* clear zero and return */
+      return CRYPT_OK;
+   } else {
+      /* public key */
+      return der_encode_sequence_multi(out, outlen, 
+                                 LTC_ASN1_INTEGER, 1UL, key->N, 
+                                 LTC_ASN1_EOL,     0UL, NULL);
+   }
+}
+
+#endif /* MRSA */
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_export.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/katja/katja_exptmod.c b/libtomcrypt/src/pk/katja/katja_exptmod.c
new file mode 100644
index 0000000..8cc47d8
--- /dev/null
+++ b/libtomcrypt/src/pk/katja/katja_exptmod.c
@@ -0,0 +1,115 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file katja_exptmod.c
+  Katja PKCS-style exptmod, Tom St Denis
+*/  
+
+#ifdef MKAT
+
+/** 
+   Compute an RSA modular exponentiation 
+   @param in         The input data to send into RSA
+   @param inlen      The length of the input (octets)
+   @param out        [out] The destination 
+   @param outlen     [in/out] The max size and resulting size of the output
+   @param which      Which exponent to use, e.g. PK_PRIVATE or PK_PUBLIC
+   @param key        The RSA key to use 
+   @return CRYPT_OK if successful
+*/   
+int katja_exptmod(const unsigned char *in,   unsigned long inlen,
+                        unsigned char *out,  unsigned long *outlen, int which,
+                        katja_key *key)
+{
+   void         *tmp, *tmpa, *tmpb;
+   unsigned long x;
+   int           err;
+
+   LTC_ARGCHK(in     != NULL);
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(key    != NULL);
+  
+   /* is the key of the right type for the operation? */
+   if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) {
+      return CRYPT_PK_NOT_PRIVATE;
+   }
+
+   /* must be a private or public operation */
+   if (which != PK_PRIVATE && which != PK_PUBLIC) {
+      return CRYPT_PK_INVALID_TYPE;
+   }
+
+   /* init and copy into tmp */
+   if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != CRYPT_OK)                                    { return err; }
+   if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK)                 { goto error; }
+
+   /* sanity check on the input */
+   if (mp_cmp(key->N, tmp) == LTC_MP_LT) {
+      err = CRYPT_PK_INVALID_SIZE;
+      goto done;
+   }
+
+   /* are we using the private exponent and is the key optimized? */
+   if (which == PK_PRIVATE) {
+      /* tmpa = tmp^dP mod p */
+      if ((err = mp_exptmod(tmp, key->dP, key->p, tmpa)) != CRYPT_OK)                               { goto error; }
+
+      /* tmpb = tmp^dQ mod q */
+      if ((err = mp_exptmod(tmp, key->dQ, key->q, tmpb)) != CRYPT_OK)                               { goto error; }
+
+      /* tmp = (tmpa - tmpb) * qInv (mod p) */
+      if ((err = mp_sub(tmpa, tmpb, tmp)) != CRYPT_OK)                                              { goto error; }
+      if ((err = mp_mulmod(tmp, key->qP, key->p, tmp)) != CRYPT_OK)                                 { goto error; }
+
+      /* tmp = tmpb + q * tmp */
+      if ((err = mp_mul(tmp, key->q, tmp)) != CRYPT_OK)                                             { goto error; }
+      if ((err = mp_add(tmp, tmpb, tmp)) != CRYPT_OK)                                               { goto error; }
+   } else {
+      /* exptmod it */
+      if ((err = mp_exptmod(tmp, key->N, key->N, tmp)) != CRYPT_OK)                                 { goto error; }
+   }
+
+   /* read it back */
+   x = (unsigned long)mp_unsigned_bin_size(key->N);
+   if (x > *outlen) {
+      *outlen = x;
+      err = CRYPT_BUFFER_OVERFLOW;
+      goto done;
+   }
+
+   /* this should never happen ... */
+   if (mp_unsigned_bin_size(tmp) > mp_unsigned_bin_size(key->N)) {
+      err = CRYPT_ERROR;
+      goto done;
+   }
+   *outlen = x;
+
+   /* convert it */
+   zeromem(out, x);
+   if ((err = mp_to_unsigned_bin(tmp, out+(x-mp_unsigned_bin_size(tmp)))) != CRYPT_OK)               { goto error; }
+
+   /* clean up and return */
+   err = CRYPT_OK;
+   goto done;
+error:
+done:
+   mp_clear_multi(tmp, tmpa, tmpb, NULL);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_exptmod.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/katja/katja_free.c b/libtomcrypt/src/pk/katja/katja_free.c
new file mode 100644
index 0000000..8aed3fb
--- /dev/null
+++ b/libtomcrypt/src/pk/katja/katja_free.c
@@ -0,0 +1,35 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file katja_free.c
+  Free an Katja key, Tom St Denis
+*/  
+
+#ifdef MKAT
+
+/**
+  Free an Katja key from memory
+  @param key   The RSA key to free
+*/
+void katja_free(katja_key *key)
+{
+   LTC_ARGCHK(key != NULL);
+   mp_clear_multi( key->d,  key->N,  key->dQ,  key->dP,
+                   key->qP,  key->p,  key->q, key->pq, NULL);
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_free.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/katja/katja_import.c b/libtomcrypt/src/pk/katja/katja_import.c
new file mode 100644
index 0000000..efdbe07
--- /dev/null
+++ b/libtomcrypt/src/pk/katja/katja_import.c
@@ -0,0 +1,81 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file katja_import.c
+  Import a PKCS-style Katja key, Tom St Denis
+*/  
+
+#ifdef MKAT
+
+/**
+  Import an KatjaPublicKey or KatjaPrivateKey [two-prime only, only support >= 1024-bit keys, defined in PKCS #1 v2.1]
+  @param in      The packet to import from
+  @param inlen   It's length (octets)
+  @param key     [out] Destination for newly imported key
+  @return CRYPT_OK if successful, upon error allocated memory is freed
+*/
+int katja_import(const unsigned char *in, unsigned long inlen, katja_key *key)
+{
+   int           err;
+   void         *zero;
+
+   LTC_ARGCHK(in  != NULL);
+   LTC_ARGCHK(key != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   /* init key */
+   if ((err = mp_init_multi(&zero, &key->d, &key->N, &key->dQ, 
+                            &key->dP, &key->qP, &key->p, &key->q, &key->pq, NULL)) != CRYPT_OK) {
+      return err;
+   }
+
+   if ((err = der_decode_sequence_multi(in, inlen, 
+                                  LTC_ASN1_INTEGER, 1UL, key->N, 
+                                  LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
+      goto LBL_ERR;
+   }
+
+   if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) {
+      /* it's a private key */
+      if ((err = der_decode_sequence_multi(in, inlen, 
+                          LTC_ASN1_INTEGER, 1UL, zero, 
+                          LTC_ASN1_INTEGER, 1UL, key->N, 
+                          LTC_ASN1_INTEGER, 1UL, key->d, 
+                          LTC_ASN1_INTEGER, 1UL, key->p, 
+                          LTC_ASN1_INTEGER, 1UL, key->q, 
+                          LTC_ASN1_INTEGER, 1UL, key->dP,
+                          LTC_ASN1_INTEGER, 1UL, key->dQ, 
+                          LTC_ASN1_INTEGER, 1UL, key->qP, 
+                          LTC_ASN1_INTEGER, 1UL, key->pq, 
+                          LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
+         goto LBL_ERR;
+      }
+      key->type = PK_PRIVATE;
+   } else {
+      /* public we have N */
+      key->type = PK_PUBLIC;
+   }
+   mp_clear(zero);
+   return CRYPT_OK;
+LBL_ERR:
+   mp_clear_multi(zero,    key->d, key->N, key->dQ, key->dP,
+                  key->qP, key->p, key->q, key->pq, NULL);
+   return err;
+}
+
+#endif /* MRSA */
+
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_import.c,v $ */
+/* $Revision: 1.3 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/katja/katja_make_key.c b/libtomcrypt/src/pk/katja/katja_make_key.c
new file mode 100644
index 0000000..08016c8
--- /dev/null
+++ b/libtomcrypt/src/pk/katja/katja_make_key.c
@@ -0,0 +1,101 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/**
+  @file katja_make_key.c
+  Katja key generation, Tom St Denis
+*/  
+
+#ifdef MKAT
+
+/** 
+   Create a Katja key
+   @param prng     An active PRNG state
+   @param wprng    The index of the PRNG desired
+   @param size     The size of the modulus (key size) desired (octets)
+   @param key      [out] Destination of a newly created private key pair
+   @return CRYPT_OK if successful, upon error all allocated ram is freed
+*/
+int katja_make_key(prng_state *prng, int wprng, int size, katja_key *key)
+{
+   void *p, *q, *tmp1, *tmp2;
+   int    err;
+  
+   LTC_ARGCHK(key != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+
+   if ((size < (MIN_KAT_SIZE/8)) || (size > (MAX_KAT_SIZE/8))) {
+      return CRYPT_INVALID_KEYSIZE;
+   }
+
+   if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
+      return err;
+   }
+
+   if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, NULL)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* divide size by three  */
+   size   = (((size << 3) / 3) + 7) >> 3;
+
+   /* make prime "q" (we negate size to make q == 3 mod 4) */
+   if ((err = rand_prime(q, -size, prng, wprng)) != CRYPT_OK)      { goto done; }
+   if ((err = mp_sub_d(q, 1, tmp1)) != CRYPT_OK)                   { goto done; }
+
+   /* make prime "p" */
+   do {
+      if ((err = rand_prime(p, size+1, prng, wprng)) != CRYPT_OK)  { goto done; }
+      if ((err = mp_gcd(p, tmp1, tmp2)) != CRYPT_OK)               { goto done; }
+   } while (mp_cmp_d(tmp2, 1) != LTC_MP_EQ);
+
+   /* make key */
+   if ((err = mp_init_multi(&key->d, &key->N, &key->dQ, &key->dP,
+                     &key->qP, &key->p, &key->q, &key->pq, NULL)) != CRYPT_OK) {
+      goto error;
+   }
+
+   /* n=p^2q and 1/n mod pq */
+   if ((err = mp_copy( p,  key->p)) != CRYPT_OK)                       { goto error2; }
+   if ((err = mp_copy( q,  key->q)) != CRYPT_OK)                       { goto error2; }
+   if ((err = mp_mul(key->p, key->q, key->pq)) != CRYPT_OK)            { goto error2; } /* tmp1 = pq  */
+   if ((err = mp_mul(key->pq, key->p, key->N)) != CRYPT_OK)            { goto error2; } /* N = p^2q   */  
+   if ((err = mp_sub_d( p, 1,  tmp1)) != CRYPT_OK)                     { goto error2; } /* tmp1 = q-1 */
+   if ((err = mp_sub_d( q, 1,  tmp2)) != CRYPT_OK)                     { goto error2; } /* tmp2 = p-1 */
+   if ((err = mp_lcm(tmp1, tmp2, key->d)) != CRYPT_OK)                 { goto error2; } /* tmp1 = lcd(p-1,q-1) */
+   if ((err = mp_invmod( key->N,  key->d,  key->d)) != CRYPT_OK)       { goto error2; } /* key->d = 1/N mod pq */
+
+   /* optimize for CRT now */
+   /* find d mod q-1 and d mod p-1 */
+   if ((err = mp_mod( key->d,  tmp1,  key->dP)) != CRYPT_OK)           { goto error2; } /* dP = d mod p-1 */
+   if ((err = mp_mod( key->d,  tmp2,  key->dQ)) != CRYPT_OK)           { goto error2; } /* dQ = d mod q-1 */
+   if ((err = mp_invmod( q,  p,  key->qP)) != CRYPT_OK)                { goto error2; } /* qP = 1/q mod p */
+
+   /* set key type (in this case it's CRT optimized) */
+   key->type = PK_PRIVATE;
+
+   /* return ok and free temps */
+   err       = CRYPT_OK;
+   goto done;
+error2:
+   mp_clear_multi( key->d,  key->N,  key->dQ,  key->dP,  key->qP,  key->p,  key->q, key->pq, NULL);
+error:
+done:
+   mp_clear_multi( tmp2,  tmp1,  p,  q, NULL);
+   return err;
+}
+
+#endif
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/katja/katja_make_key.c,v $ */
+/* $Revision: 1.10 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/packet_store_header.c b/libtomcrypt/src/pk/packet_store_header.c
deleted file mode 100644
index 855ca70..0000000
--- a/libtomcrypt/src/pk/packet_store_header.c
+++ /dev/null
@@ -1,33 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-#ifdef PACKET
-
-void packet_store_header(unsigned char *dst, int section, int subsection)
-{
-   LTC_ARGCHK(dst != NULL);
-
-   /* store version number */
-   dst[0] = (unsigned char)(CRYPT&255);
-   dst[1] = (unsigned char)((CRYPT>>8)&255);
-
-   /* store section and subsection */
-   dst[2] = (unsigned char)(section & 255);
-   dst[3] = (unsigned char)(subsection & 255);
-
-}
-
-#endif
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/packet_store_header.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
diff --git a/libtomcrypt/src/pk/packet_valid_header.c b/libtomcrypt/src/pk/packet_valid_header.c
deleted file mode 100644
index 59db0f7..0000000
--- a/libtomcrypt/src/pk/packet_valid_header.c
+++ /dev/null
@@ -1,41 +0,0 @@
-/* LibTomCrypt, modular cryptographic library -- Tom St Denis
- *
- * LibTomCrypt is a library that provides various cryptographic
- * algorithms in a highly modular and flexible manner.
- *
- * The library is free for all purposes without any express
- * guarantee it works.
- *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
- */
-#include "tomcrypt.h"
-
-#ifdef PACKET
-
-int packet_valid_header(unsigned char *src, int section, int subsection)
-{
-   unsigned long ver;
-
-   LTC_ARGCHK(src != NULL);
-
-   /* check version */
-   ver = ((unsigned long)src[0]) | ((unsigned long)src[1] << 8U);
-   if (CRYPT < ver) {
-      return CRYPT_INVALID_PACKET;
-   }
-
-   /* check section and subsection */
-   if (section != (int)src[2] || subsection != (int)src[3]) {
-      return CRYPT_INVALID_PACKET;
-   }
-
-   return CRYPT_OK;
-}
-
-#endif
-
- 
-
-/* $Source: /cvs/libtom/libtomcrypt/src/pk/packet_valid_header.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_i2osp.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_i2osp.c
index 3e68eb8..4a39bd5 100644
--- a/libtomcrypt/src/pk/pkcs1/pkcs_1_i2osp.c
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_i2osp.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -28,9 +28,8 @@
    @param out           [out] The destination for the integer
    @return CRYPT_OK if successful
 */
-int pkcs_1_i2osp(mp_int *n, unsigned long modulus_len, unsigned char *out)
+int pkcs_1_i2osp(void *n, unsigned long modulus_len, unsigned char *out)
 {
-   int err;
    unsigned long size;
 
    size = mp_unsigned_bin_size(n);
@@ -41,15 +40,12 @@ int pkcs_1_i2osp(mp_int *n, unsigned long modulus_len, unsigned char *out)
 
    /* store it */
    zeromem(out, modulus_len);
-   if ((err = mp_to_unsigned_bin(n, out+(modulus_len-size))) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
-   }
-   return CRYPT_OK;
+   return mp_to_unsigned_bin(n, out+(modulus_len-size));
 }
 
 #endif /* PKCS_1 */
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_i2osp.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_mgf1.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_mgf1.c
index aac7494..bfc80bd 100644
--- a/libtomcrypt/src/pk/pkcs1/pkcs_1_mgf1.c
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_mgf1.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -26,8 +26,8 @@
    @param masklen     The length of the mask desired
    @return CRYPT_OK if successful
 */
-int pkcs_1_mgf1(const unsigned char *seed, unsigned long seedlen,
-                      int            hash_idx,
+int pkcs_1_mgf1(int                  hash_idx,
+                const unsigned char *seed, unsigned long seedlen,
                       unsigned char *mask, unsigned long masklen)
 {
    unsigned long hLen, x;
@@ -104,5 +104,5 @@ LBL_ERR:
 #endif /* PKCS_1 */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_mgf1.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.6 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c
index cd4931b..e70a016 100644
--- a/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -101,7 +101,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg,    unsigned long msglen,
    x += modulus_len - hLen - 1;
 
    /* compute MGF1 of maskedDB (hLen) */ 
-   if ((err = pkcs_1_mgf1(DB, modulus_len - hLen - 1, hash_idx, mask, hLen)) != CRYPT_OK) {
+   if ((err = pkcs_1_mgf1(hash_idx, DB, modulus_len - hLen - 1, mask, hLen)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
@@ -111,7 +111,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg,    unsigned long msglen,
    }
 
    /* compute MGF1 of seed (k - hlen - 1) */
-   if ((err = pkcs_1_mgf1(seed, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
+   if ((err = pkcs_1_mgf1(hash_idx, seed, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
@@ -136,7 +136,7 @@ int pkcs_1_oaep_decode(const unsigned char *msg,    unsigned long msglen,
    }
 
    /* compare the lhash'es */
-   if (memcmp(seed, DB, hLen) != 0) {
+   if (XMEMCMP(seed, DB, hLen) != 0) {
       err = CRYPT_OK;
       goto LBL_ERR;
    }
@@ -148,18 +148,19 @@ int pkcs_1_oaep_decode(const unsigned char *msg,    unsigned long msglen,
 
    /* error out if wasn't 0x01 */
    if (x == (modulus_len - hLen - 1) || DB[x] != 0x01) {
-      err = CRYPT_OK;
+      err = CRYPT_INVALID_PACKET;
       goto LBL_ERR;
    }
 
    /* rest is the message (and skip 0x01) */
-   if ((modulus_len - hLen - 1) - ++x > *outlen) {
+   if ((modulus_len - hLen - 1 - ++x) > *outlen) {
+      *outlen = modulus_len - hLen - 1 - x;
       err = CRYPT_BUFFER_OVERFLOW;
       goto LBL_ERR;
    }
 
    /* copy message */
-   *outlen = (modulus_len - hLen - 1) - x;
+   *outlen = modulus_len - hLen - 1 - x;
    XMEMCPY(out, DB + x, modulus_len - hLen - 1 - x);
    x += modulus_len - hLen - 1;
 
@@ -184,5 +185,5 @@ LBL_ERR:
 #endif /* PKCS_1 */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/06/18 02:37:06 $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/11/01 09:28:17 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_encode.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_encode.c
index 12670b5..99e1ac6 100644
--- a/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_encode.c
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_encode.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -114,7 +114,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg,    unsigned long msglen,
    }
 
    /* compute MGF1 of seed (k - hlen - 1) */
-   if ((err = pkcs_1_mgf1(seed, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
+   if ((err = pkcs_1_mgf1(hash_idx, seed, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
@@ -124,7 +124,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg,    unsigned long msglen,
    }
 
    /* compute MGF1 of maskedDB (hLen) */ 
-   if ((err = pkcs_1_mgf1(DB, modulus_len - hLen - 1, hash_idx, mask, hLen)) != CRYPT_OK) {
+   if ((err = pkcs_1_mgf1(hash_idx, DB, modulus_len - hLen - 1, mask, hLen)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
@@ -135,6 +135,7 @@ int pkcs_1_oaep_encode(const unsigned char *msg,    unsigned long msglen,
 
    /* create string of length modulus_len */
    if (*outlen < modulus_len) {
+      *outlen = modulus_len;
       err = CRYPT_BUFFER_OVERFLOW;
       goto LBL_ERR;
    }
@@ -168,5 +169,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_encode.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_os2ip.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_os2ip.c
index a9a1858..563ae8d 100644
--- a/libtomcrypt/src/pk/pkcs1/pkcs_1_os2ip.c
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_os2ip.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -23,19 +23,14 @@
   @param inlen      The length of the binary string
   @return CRYPT_OK if successful
 */
-int pkcs_1_os2ip(mp_int *n, unsigned char *in, unsigned long inlen)
+int pkcs_1_os2ip(void *n, unsigned char *in, unsigned long inlen)
 {
-   int err;
-   /* read it */
-   if ((err = mp_read_unsigned_bin(n, in, inlen)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
-   }
-   return CRYPT_OK;
+   return mp_read_unsigned_bin(n, in, inlen);
 }
 
 #endif /* PKCS_1 */
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_os2ip.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c
index e61c33f..2c16d50 100644
--- a/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -82,7 +82,7 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
 
    /* ensure the 0xBC byte */
    if (sig[siglen-1] != 0xBC) {
-      err = CRYPT_OK;
+      err = CRYPT_INVALID_PACKET;
       goto LBL_ERR;
    }
 
@@ -97,12 +97,12 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
 
    /* check the MSB */
    if ((sig[0] & ~(0xFF >> ((modulus_len<<3) - (modulus_bitlen-1)))) != 0) {
-      err = CRYPT_OK;
+      err = CRYPT_INVALID_PACKET;
       goto LBL_ERR;
    }
 
    /* generate mask of length modulus_len - hLen - 1 from hash */
-   if ((err = pkcs_1_mgf1(hash, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
+   if ((err = pkcs_1_mgf1(hash_idx, hash, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
@@ -119,14 +119,14 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
    /* check for zeroes and 0x01 */
    for (x = 0; x < modulus_len - saltlen - hLen - 2; x++) {
        if (DB[x] != 0x00) {
-          err = CRYPT_OK;
+          err = CRYPT_INVALID_PACKET;
           goto LBL_ERR;
        }
    }
 
    /* check for the 0x01 */
    if (DB[x++] != 0x01) {
-      err = CRYPT_OK;
+      err = CRYPT_INVALID_PACKET;
       goto LBL_ERR;
    }
 
@@ -149,7 +149,7 @@ int pkcs_1_pss_decode(const unsigned char *msghash, unsigned long msghashlen,
    }
 
    /* mask == hash means valid signature */
-   if (memcmp(mask, hash, hLen) == 0) {
+   if (XMEMCMP(mask, hash, hLen) == 0) {
       *res = 1;
    }
 
@@ -173,5 +173,5 @@ LBL_ERR:
 #endif /* PKCS_1 */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/11/30 02:37:21 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_encode.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_encode.c
index 899605c..64bd312 100644
--- a/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_encode.c
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_encode.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -118,7 +118,7 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
    x += saltlen;
 
    /* generate mask of length modulus_len - hLen - 1 from hash */
-   if ((err = pkcs_1_mgf1(hash, hLen, hash_idx, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
+   if ((err = pkcs_1_mgf1(hash_idx, hash, hLen, mask, modulus_len - hLen - 1)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
@@ -129,6 +129,7 @@ int pkcs_1_pss_encode(const unsigned char *msghash, unsigned long msghashlen,
 
    /* output is DB || hash || 0xBC */
    if (*outlen < modulus_len) {
+      *outlen = modulus_len;
       err = CRYPT_BUFFER_OVERFLOW;
       goto LBL_ERR;
    }
@@ -170,5 +171,5 @@ LBL_ERR:
 #endif /* PKCS_1 */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_encode.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.7 $ */
+/* $Date: 2006/06/16 21:53:41 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_decode.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_decode.c
new file mode 100644
index 0000000..b0a7c2d
--- /dev/null
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_decode.c
@@ -0,0 +1,110 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/** @file pkcs_1_v1_5_decode.c
+ *
+ *  PKCS #1 v1.5 Padding. (Andreas Lange)
+ */
+
+#ifdef PKCS_1
+
+/** @brief PKCS #1 v1.5 decode.
+ *
+ *  @param msg              The encoded data to decode
+ *  @param msglen           The length of the encoded data (octets)
+ *  @param block_type       Block type to use in padding (\sa ltc_pkcs_1_v1_5_blocks)
+ *  @param modulus_bitlen   The bit length of the RSA modulus
+ *  @param out              [out] Destination of decoding
+ *  @param outlen           [in/out] The max size and resulting size of the decoding
+ *  @param is_valid         [out] Boolean whether the padding was valid
+ *
+ *  @return CRYPT_OK if successful (even if invalid)
+ */
+int pkcs_1_v1_5_decode(const unsigned char *msg, 
+                             unsigned long  msglen,
+                                       int  block_type,
+                             unsigned long  modulus_bitlen,
+                             unsigned char *out, 
+                             unsigned long *outlen,
+                                       int *is_valid)
+{
+  unsigned long modulus_len, ps_len, i;
+  int result;
+
+  /* default to invalid packet */
+  *is_valid = 0;
+
+  modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
+
+  /* test message size */
+
+  if ((msglen > modulus_len) || (modulus_len < 11)) {
+    return CRYPT_PK_INVALID_SIZE;
+  }
+
+  /* separate encoded message */
+
+  if ((msg[0] != 0x00) || (msg[1] != (unsigned char)block_type)) {
+    result = CRYPT_INVALID_PACKET;
+    goto bail;
+  }
+
+  if (block_type == LTC_PKCS_1_EME) {
+    for (i = 2; i < modulus_len; i++) {
+      /* separator */
+      if (msg[i] == 0x00) { break; }
+    }
+    ps_len = i++ - 2;
+
+    if ((i >= modulus_len) || (ps_len < 8)) {
+      /* There was no octet with hexadecimal value 0x00 to separate ps from m,
+       * or the length of ps is less than 8 octets.
+       */
+      result = CRYPT_INVALID_PACKET;
+      goto bail;
+    }
+  } else {
+    for (i = 2; i < modulus_len - 1; i++) {
+       if (msg[i] != 0xFF) { break; }
+    }
+
+    /* separator check */
+    if (msg[i] != 0) {
+      /* There was no octet with hexadecimal value 0x00 to separate ps from m. */
+      result = CRYPT_INVALID_PACKET;
+      goto bail;
+    }
+
+    ps_len = i - 2;
+  }
+
+  if (*outlen < (msglen - (2 + ps_len + 1))) {
+    *outlen = msglen - (2 + ps_len + 1);
+    result = CRYPT_BUFFER_OVERFLOW;
+    goto bail;
+  }
+
+  *outlen = (msglen - (2 + ps_len + 1));
+  XMEMCPY(out, &msg[2 + ps_len + 1], *outlen);
+
+  /* valid packet */
+  *is_valid = 1;
+  result    = CRYPT_OK;
+bail:
+  return result;
+} /* pkcs_1_v1_5_decode */
+
+#endif /* #ifdef PKCS_1 */
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_decode.c,v $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/12/16 17:41:21 $ */
diff --git a/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_encode.c b/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_encode.c
new file mode 100644
index 0000000..7edd1e6
--- /dev/null
+++ b/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_encode.c
@@ -0,0 +1,111 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ *
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
+ */
+#include "tomcrypt.h"
+
+/*! \file pkcs_1_v1_5_encode.c
+ *
+ *  PKCS #1 v1.5 Padding (Andreas Lange)
+ */
+
+#ifdef PKCS_1
+
+/*! \brief PKCS #1 v1.5 encode.
+ *
+ *  \param msg              The data to encode
+ *  \param msglen           The length of the data to encode (octets)
+ *  \param block_type       Block type to use in padding (\sa ltc_pkcs_1_v1_5_blocks)
+ *  \param modulus_bitlen   The bit length of the RSA modulus
+ *  \param prng             An active PRNG state (only for LTC_PKCS_1_EME)
+ *  \param prng_idx         The index of the PRNG desired (only for LTC_PKCS_1_EME)
+ *  \param out              [out] The destination for the encoded data
+ *  \param outlen           [in/out] The max size and resulting size of the encoded data
+ *
+ *  \return CRYPT_OK if successful
+ */
+int pkcs_1_v1_5_encode(const unsigned char *msg, 
+                             unsigned long  msglen,
+                                       int  block_type,
+                             unsigned long  modulus_bitlen,
+                                prng_state *prng, 
+                                       int  prng_idx,
+                             unsigned char *out, 
+                             unsigned long *outlen)
+{
+  unsigned long modulus_len, ps_len, i;
+  unsigned char *ps;
+  int result;
+
+  /* valid block_type? */
+  if ((block_type != LTC_PKCS_1_EMSA) &&
+      (block_type != LTC_PKCS_1_EME)) {
+     return CRYPT_PK_INVALID_PADDING;
+  }
+
+  if (block_type == LTC_PKCS_1_EME) {    /* encryption padding, we need a valid PRNG */
+    if ((result = prng_is_valid(prng_idx)) != CRYPT_OK) {
+       return result;
+    }
+  }
+
+  modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
+
+  /* test message size */
+  if ((msglen + 11) > modulus_len) {
+    return CRYPT_PK_INVALID_SIZE;
+  }
+
+  if (*outlen < modulus_len) {
+    *outlen = modulus_len;
+    result = CRYPT_BUFFER_OVERFLOW;
+    goto bail;
+  }
+
+  /* generate an octets string PS */
+  ps = &out[2];
+  ps_len = modulus_len - msglen - 3;
+
+  if (block_type == LTC_PKCS_1_EME) {
+    /* now choose a random ps */
+    if (prng_descriptor[prng_idx].read(ps, ps_len, prng) != ps_len) {
+      result = CRYPT_ERROR_READPRNG;
+      goto bail;
+    }
+
+    /* transform zero bytes (if any) to non-zero random bytes */
+    for (i = 0; i < ps_len; i++) {
+      while (ps[i] == 0) {
+        if (prng_descriptor[prng_idx].read(&ps[i], 1, prng) != 1) {
+          result = CRYPT_ERROR_READPRNG;
+          goto bail;
+        }
+      }
+    }
+  } else {
+    XMEMSET(ps, 0xFF, ps_len);
+  }
+
+  /* create string of length modulus_len */
+  out[0]          = 0x00;
+  out[1]          = (unsigned char)block_type;  /* block_type 1 or 2 */
+  out[2 + ps_len] = 0x00;
+  XMEMCPY(&out[2 + ps_len + 1], msg, msglen);
+  *outlen = modulus_len;
+
+  result  = CRYPT_OK;
+bail:
+  return result;
+} /* pkcs_1_v1_5_encode */
+
+#endif /* #ifdef PKCS_1 */
+
+/* $Source: /cvs/libtom/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_encode.c,v $ */
+/* $Revision: 1.2 $ */
+/* $Date: 2006/11/01 09:12:06 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_decrypt_key.c b/libtomcrypt/src/pk/rsa/rsa_decrypt_key.c
index 7cea807..3dce20f 100644
--- a/libtomcrypt/src/pk/rsa/rsa_decrypt_key.c
+++ b/libtomcrypt/src/pk/rsa/rsa_decrypt_key.c
@@ -6,19 +6,19 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
 /**
   @file rsa_decrypt_key.c
-  RSA PKCS #1 OAEP Decryption, Tom St Denis
-*/  
+  RSA PKCS #1 Decryption, Tom St Denis and Andreas Lange
+*/
 
 #ifdef MRSA
 
 /**
-   (PKCS #1 v2.0) decrypt then OAEP depad  
+   PKCS #1 decrypt then v1.5 or OAEP depad
    @param in          The ciphertext
    @param inlen       The length of the ciphertext (octets)
    @param out         [out] The plaintext
@@ -26,20 +26,21 @@
    @param lparam      The system "lparam" value
    @param lparamlen   The length of the lparam value (octets)
    @param hash_idx    The index of the hash desired
+   @param padding     Type of padding (LTC_PKCS_1_OAEP or LTC_PKCS_1_V1_5)
    @param stat        [out] Result of the decryption, 1==valid, 0==invalid
    @param key         The corresponding private RSA key
    @return CRYPT_OK if succcessul (even if invalid)
 */
-int rsa_decrypt_key(const unsigned char *in,       unsigned long  inlen,
-                          unsigned char *out,      unsigned long *outlen, 
-                    const unsigned char *lparam,   unsigned long  lparamlen,
-                          int            hash_idx, int           *stat,
-                          rsa_key       *key)
+int rsa_decrypt_key_ex(const unsigned char *in,       unsigned long  inlen,
+                             unsigned char *out,      unsigned long *outlen,
+                       const unsigned char *lparam,   unsigned long  lparamlen,
+                             int            hash_idx, int            padding,
+                             int           *stat,     rsa_key       *key)
 {
   unsigned long modulus_bitlen, modulus_bytelen, x;
   int           err;
   unsigned char *tmp;
-  
+
   LTC_ARGCHK(out    != NULL);
   LTC_ARGCHK(outlen != NULL);
   LTC_ARGCHK(key    != NULL);
@@ -48,16 +49,25 @@ int rsa_decrypt_key(const unsigned char *in,       unsigned long  inlen,
   /* default to invalid */
   *stat = 0;
 
-  /* valid hash ? */
-  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
-     return err;
+  /* valid padding? */
+
+  if ((padding != LTC_PKCS_1_V1_5) &&
+      (padding != LTC_PKCS_1_OAEP)) {
+    return CRYPT_PK_INVALID_PADDING;
   }
-  
+
+  if (padding == LTC_PKCS_1_OAEP) {
+    /* valid hash ? */
+    if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
+       return err;
+    }
+  }
+
   /* get modulus len in bits */
-  modulus_bitlen = mp_count_bits(&(key->N));
+  modulus_bitlen = mp_count_bits( (key->N));
 
   /* outlen must be at least the size of the modulus */
-  modulus_bytelen = mp_unsigned_bin_size(&(key->N));
+  modulus_bytelen = mp_unsigned_bin_size( (key->N));
   if (modulus_bytelen != inlen) {
      return CRYPT_INVALID_PACKET;
   }
@@ -70,24 +80,26 @@ int rsa_decrypt_key(const unsigned char *in,       unsigned long  inlen,
 
   /* rsa decode the packet */
   x = inlen;
-  if ((err = rsa_exptmod(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
+  if ((err = ltc_mp.rsa_me(in, inlen, tmp, &x, PK_PRIVATE, key)) != CRYPT_OK) {
      XFREE(tmp);
      return err;
   }
 
-  /* now OAEP decode the packet */
-  err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
-                           out, outlen, stat);
+  if (padding == LTC_PKCS_1_OAEP) {
+    /* now OAEP decode the packet */
+    err = pkcs_1_oaep_decode(tmp, x, lparam, lparamlen, modulus_bitlen, hash_idx,
+                             out, outlen, stat);
+  } else {
+    /* now PKCS #1 v1.5 depad the packet */
+    err = pkcs_1_v1_5_decode(tmp, x, LTC_PKCS_1_EME, modulus_bitlen, out, outlen, stat);
+  }
+
   XFREE(tmp);
   return err;
 }
 
 #endif /* MRSA */
 
-
-
-
-
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_decrypt_key.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:18:22 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_encrypt_key.c b/libtomcrypt/src/pk/rsa/rsa_encrypt_key.c
index d29aa83..8d2c228 100644
--- a/libtomcrypt/src/pk/rsa/rsa_encrypt_key.c
+++ b/libtomcrypt/src/pk/rsa/rsa_encrypt_key.c
@@ -6,14 +6,14 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
 /**
   @file rsa_encrypt_key.c
-  RSA PKCS OAEP encryption, Tom St Denis
-*/  
+  RSA PKCS #1 encryption, Tom St Denis and Andreas Lange
+*/
 
 #ifdef MRSA
 
@@ -28,53 +28,75 @@
     @param prng        An active PRNG
     @param prng_idx    The index of the desired prng
     @param hash_idx    The index of the desired hash
+    @param padding     Type of padding (LTC_PKCS_1_OAEP or LTC_PKCS_1_V1_5)
     @param key         The RSA key to encrypt to
     @return CRYPT_OK if successful
-*/    
-int rsa_encrypt_key(const unsigned char *in,     unsigned long inlen,
-                          unsigned char *out,    unsigned long *outlen,
-                    const unsigned char *lparam, unsigned long lparamlen,
-                    prng_state *prng, int prng_idx, int hash_idx, rsa_key *key)
+*/
+int rsa_encrypt_key_ex(const unsigned char *in,     unsigned long inlen,
+                             unsigned char *out,    unsigned long *outlen,
+                       const unsigned char *lparam, unsigned long lparamlen,
+                       prng_state *prng, int prng_idx, int hash_idx, int padding, rsa_key *key)
 {
   unsigned long modulus_bitlen, modulus_bytelen, x;
   int           err;
-  
+
   LTC_ARGCHK(in     != NULL);
   LTC_ARGCHK(out    != NULL);
   LTC_ARGCHK(outlen != NULL);
   LTC_ARGCHK(key    != NULL);
-  
-  /* valid prng and hash ? */
+
+  /* valid padding? */
+  if ((padding != LTC_PKCS_1_V1_5) &&
+      (padding != LTC_PKCS_1_OAEP)) {
+    return CRYPT_PK_INVALID_PADDING;
+  }
+
+  /* valid prng? */
   if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
      return err;
   }
-  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
-     return err;
+
+  if (padding == LTC_PKCS_1_OAEP) {
+    /* valid hash? */
+    if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
+       return err;
+    }
   }
-  
+
   /* get modulus len in bits */
-  modulus_bitlen = mp_count_bits(&(key->N));
+  modulus_bitlen = mp_count_bits( (key->N));
 
   /* outlen must be at least the size of the modulus */
-  modulus_bytelen = mp_unsigned_bin_size(&(key->N));
+  modulus_bytelen = mp_unsigned_bin_size( (key->N));
   if (modulus_bytelen > *outlen) {
+     *outlen = modulus_bytelen;
      return CRYPT_BUFFER_OVERFLOW;
   }
-      
-  /* OAEP pad the key */
-  x = *outlen;
-  if ((err = pkcs_1_oaep_encode(in, inlen, lparam, 
-                                lparamlen, modulus_bitlen, prng, prng_idx, hash_idx, 
-                                out, &x)) != CRYPT_OK) {
-     return err;
-  }                                
 
-  /* rsa exptmod the OAEP pad */
-  return rsa_exptmod(out, x, out, outlen, PK_PUBLIC, key);
+  if (padding == LTC_PKCS_1_OAEP) {
+    /* OAEP pad the key */
+    x = *outlen;
+    if ((err = pkcs_1_oaep_encode(in, inlen, lparam,
+                                  lparamlen, modulus_bitlen, prng, prng_idx, hash_idx,
+                                  out, &x)) != CRYPT_OK) {
+       return err;
+    }
+  } else {
+    /* PKCS #1 v1.5 pad the key */
+    x = *outlen;
+    if ((err = pkcs_1_v1_5_encode(in, inlen, LTC_PKCS_1_EME,
+                                  modulus_bitlen, prng, prng_idx,
+                                  out, &x)) != CRYPT_OK) {
+      return err;
+    }
+  }
+
+  /* rsa exptmod the OAEP or PKCS #1 v1.5 pad */
+  return ltc_mp.rsa_me(out, x, out, outlen, PK_PUBLIC, key);
 }
 
 #endif /* MRSA */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_encrypt_key.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/01 09:18:22 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_export.c b/libtomcrypt/src/pk/rsa/rsa_export.c
index f2e324d..5b389ec 100644
--- a/libtomcrypt/src/pk/rsa/rsa_export.c
+++ b/libtomcrypt/src/pk/rsa/rsa_export.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -27,9 +27,7 @@
 */    
 int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key)
 {
-   int           err;
    unsigned long zero=0;
-
    LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
    LTC_ARGCHK(key    != NULL);
@@ -44,27 +42,22 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
       /* output is 
             Version, n, e, d, p, q, d mod (p-1), d mod (q - 1), 1/q mod p
        */
-      if ((err = der_encode_sequence_multi(out, outlen, 
+      return der_encode_sequence_multi(out, outlen, 
                           LTC_ASN1_SHORT_INTEGER, 1UL, &zero, 
-                          LTC_ASN1_INTEGER, 1UL, &key->N, 
-                          LTC_ASN1_INTEGER, 1UL, &key->e,
-                          LTC_ASN1_INTEGER, 1UL, &key->d, 
-                          LTC_ASN1_INTEGER, 1UL, &key->p, 
-                          LTC_ASN1_INTEGER, 1UL, &key->q, 
-                          LTC_ASN1_INTEGER, 1UL, &key->dP,
-                          LTC_ASN1_INTEGER, 1UL, &key->dQ, 
-                          LTC_ASN1_INTEGER, 1UL, &key->qP, 
-                          LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
-         return err;
-      }
- 
-      /* clear zero and return */
-      return CRYPT_OK;
+                          LTC_ASN1_INTEGER, 1UL,  key->N, 
+                          LTC_ASN1_INTEGER, 1UL,  key->e,
+                          LTC_ASN1_INTEGER, 1UL,  key->d, 
+                          LTC_ASN1_INTEGER, 1UL,  key->p, 
+                          LTC_ASN1_INTEGER, 1UL,  key->q, 
+                          LTC_ASN1_INTEGER, 1UL,  key->dP,
+                          LTC_ASN1_INTEGER, 1UL,  key->dQ, 
+                          LTC_ASN1_INTEGER, 1UL,  key->qP, 
+                          LTC_ASN1_EOL,     0UL, NULL);
    } else {
       /* public key */
       return der_encode_sequence_multi(out, outlen, 
-                                 LTC_ASN1_INTEGER, 1UL, &key->N, 
-                                 LTC_ASN1_INTEGER, 1UL, &key->e, 
+                                 LTC_ASN1_INTEGER, 1UL,  key->N, 
+                                 LTC_ASN1_INTEGER, 1UL,  key->e, 
                                  LTC_ASN1_EOL,     0UL, NULL);
    }
 }
@@ -72,5 +65,5 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
 #endif /* MRSA */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_export.c,v $ */
-/* $Revision: 1.11 $ */
-/* $Date: 2005/06/04 01:42:48 $ */
+/* $Revision: 1.15 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_exptmod.c b/libtomcrypt/src/pk/rsa/rsa_exptmod.c
index 379404c..53dbf6b 100644
--- a/libtomcrypt/src/pk/rsa/rsa_exptmod.c
+++ b/libtomcrypt/src/pk/rsa/rsa_exptmod.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -31,7 +31,7 @@ int rsa_exptmod(const unsigned char *in,   unsigned long inlen,
                       unsigned char *out,  unsigned long *outlen, int which,
                       rsa_key *key)
 {
-   mp_int        tmp, tmpa, tmpb;
+   void         *tmp, *tmpa, *tmpb;
    unsigned long x;
    int           err;
 
@@ -39,7 +39,7 @@ int rsa_exptmod(const unsigned char *in,   unsigned long inlen,
    LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
    LTC_ARGCHK(key    != NULL);
-   
+  
    /* is the key of the right type for the operation? */
    if (which == PK_PRIVATE && (key->type != PK_PRIVATE)) {
       return CRYPT_PK_NOT_PRIVATE;
@@ -51,65 +51,63 @@ int rsa_exptmod(const unsigned char *in,   unsigned long inlen,
    }
 
    /* init and copy into tmp */
-   if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != MP_OKAY)                                    { return mpi_to_ltc_error(err); }
-   if ((err = mp_read_unsigned_bin(&tmp, (unsigned char *)in, (int)inlen)) != MP_OKAY)                { goto error; }
+   if ((err = mp_init_multi(&tmp, &tmpa, &tmpb, NULL)) != CRYPT_OK)                                    { return err; }
+   if ((err = mp_read_unsigned_bin(tmp, (unsigned char *)in, (int)inlen)) != CRYPT_OK)                 { goto error; }
 
    /* sanity check on the input */
-   if (mp_cmp(&key->N, &tmp) == MP_LT) {
+   if (mp_cmp(key->N, tmp) == LTC_MP_LT) {
       err = CRYPT_PK_INVALID_SIZE;
-      goto done;
+      goto error;
    }
 
    /* are we using the private exponent and is the key optimized? */
    if (which == PK_PRIVATE) {
       /* tmpa = tmp^dP mod p */
-      if ((err = mp_exptmod(&tmp, &key->dP, &key->p, &tmpa)) != MP_OKAY)                               { goto error; }
+      if ((err = mp_exptmod(tmp, key->dP, key->p, tmpa)) != CRYPT_OK)                               { goto error; }
 
       /* tmpb = tmp^dQ mod q */
-      if ((err = mp_exptmod(&tmp, &key->dQ, &key->q, &tmpb)) != MP_OKAY)                               { goto error; }
+      if ((err = mp_exptmod(tmp, key->dQ, key->q, tmpb)) != CRYPT_OK)                               { goto error; }
 
       /* tmp = (tmpa - tmpb) * qInv (mod p) */
-      if ((err = mp_sub(&tmpa, &tmpb, &tmp)) != MP_OKAY)                                              { goto error; }
-      if ((err = mp_mulmod(&tmp, &key->qP, &key->p, &tmp)) != MP_OKAY)                                { goto error; }
+      if ((err = mp_sub(tmpa, tmpb, tmp)) != CRYPT_OK)                                              { goto error; }
+      if ((err = mp_mulmod(tmp, key->qP, key->p, tmp)) != CRYPT_OK)                                { goto error; }
 
       /* tmp = tmpb + q * tmp */
-      if ((err = mp_mul(&tmp, &key->q, &tmp)) != MP_OKAY)                                             { goto error; }
-      if ((err = mp_add(&tmp, &tmpb, &tmp)) != MP_OKAY)                                               { goto error; }
+      if ((err = mp_mul(tmp, key->q, tmp)) != CRYPT_OK)                                             { goto error; }
+      if ((err = mp_add(tmp, tmpb, tmp)) != CRYPT_OK)                                               { goto error; }
    } else {
       /* exptmod it */
-      if ((err = mp_exptmod(&tmp, &key->e, &key->N, &tmp)) != MP_OKAY)                                { goto error; }
+      if ((err = mp_exptmod(tmp, key->e, key->N, tmp)) != CRYPT_OK)                                { goto error; }
    }
 
    /* read it back */
-   x = (unsigned long)mp_unsigned_bin_size(&key->N);
+   x = (unsigned long)mp_unsigned_bin_size(key->N);
    if (x > *outlen) {
+      *outlen = x;
       err = CRYPT_BUFFER_OVERFLOW;
-      goto done;
+      goto error;
    }
 
    /* this should never happen ... */
-   if (mp_unsigned_bin_size(&tmp) > mp_unsigned_bin_size(&key->N)) {
+   if (mp_unsigned_bin_size(tmp) > mp_unsigned_bin_size(key->N)) {
       err = CRYPT_ERROR;
-      goto done;
+      goto error;
    }
    *outlen = x;
 
    /* convert it */
    zeromem(out, x);
-   if ((err = mp_to_unsigned_bin(&tmp, out+(x-mp_unsigned_bin_size(&tmp)))) != MP_OKAY)               { goto error; }
+   if ((err = mp_to_unsigned_bin(tmp, out+(x-mp_unsigned_bin_size(tmp)))) != CRYPT_OK)               { goto error; }
 
    /* clean up and return */
    err = CRYPT_OK;
-   goto done;
 error:
-   err = mpi_to_ltc_error(err);
-done:
-   mp_clear_multi(&tmp, &tmpa, &tmpb, NULL);
+   mp_clear_multi(tmp, tmpa, tmpb, NULL);
    return err;
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_exptmod.c,v $ */
-/* $Revision: 1.4 $ */
-/* $Date: 2005/06/23 02:10:22 $ */
+/* $Revision: 1.16 $ */
+/* $Date: 2006/12/04 03:09:28 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_free.c b/libtomcrypt/src/pk/rsa/rsa_free.c
index 69eeaec..f48976a 100644
--- a/libtomcrypt/src/pk/rsa/rsa_free.c
+++ b/libtomcrypt/src/pk/rsa/rsa_free.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -23,13 +23,12 @@
 */
 void rsa_free(rsa_key *key)
 {
-   LTC_ARGCHK(key != NULL);
-   mp_clear_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP,
-                  &key->qP, &key->p, &key->q, NULL);
+   LTC_ARGCHKVD(key != NULL);
+   mp_clear_multi(key->e, key->d, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_free.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/12/04 22:23:27 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_import.c b/libtomcrypt/src/pk/rsa/rsa_import.c
index 5706134..7b12fd9 100644
--- a/libtomcrypt/src/pk/rsa/rsa_import.c
+++ b/libtomcrypt/src/pk/rsa/rsa_import.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -27,60 +27,111 @@
 int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
 {
    int           err;
-   mp_int        zero;
+   void         *zero;
+   unsigned char *tmpbuf;
+   unsigned long  t, x, y, z, tmpoid[16];
+   ltc_asn1_list ssl_pubkey_hashoid[2];
+   ltc_asn1_list ssl_pubkey[2];
 
-   LTC_ARGCHK(in  != NULL);
-   LTC_ARGCHK(key != NULL);
+   LTC_ARGCHK(in          != NULL);
+   LTC_ARGCHK(key         != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
 
    /* init key */
-   if ((err = mp_init_multi(&zero, &key->e, &key->d, &key->N, &key->dQ, 
-                            &key->dP, &key->qP, &key->p, &key->q, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
+   if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, 
+                            &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
+      return err;
    }
 
+   /* see if the OpenSSL DER format RSA public key will work */
+   tmpbuf = XCALLOC(1, MAX_RSA_SIZE*8);
+   if (tmpbuf == NULL) {
+       err = CRYPT_MEM;
+       goto LBL_ERR;
+   }
+
+   /* this includes the internal hash ID and optional params (NULL in this case) */
+   LTC_SET_ASN1(ssl_pubkey_hashoid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid,                sizeof(tmpoid)/sizeof(tmpoid[0]));   
+   LTC_SET_ASN1(ssl_pubkey_hashoid, 1, LTC_ASN1_NULL,              NULL,                  0);
+
+   /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey in a **BIT** string ... so we have to extract it
+      then proceed to convert bit to octet 
+    */
+   LTC_SET_ASN1(ssl_pubkey, 0,         LTC_ASN1_SEQUENCE,          &ssl_pubkey_hashoid,   2);
+   LTC_SET_ASN1(ssl_pubkey, 1,         LTC_ASN1_BIT_STRING,        tmpbuf,                MAX_RSA_SIZE*8);
+
+   if (der_decode_sequence(in, inlen,
+                           ssl_pubkey, 2UL) == CRYPT_OK) {
+
+      /* ok now we have to reassemble the BIT STRING to an OCTET STRING.  Thanks OpenSSL... */
+      for (t = y = z = x = 0; x < ssl_pubkey[1].size; x++) {
+          y = (y << 1) | tmpbuf[x];
+          if (++z == 8) {
+             tmpbuf[t++] = (unsigned char)y;
+             y           = 0;
+             z           = 0;
+          }
+      }
+
+      /* now it should be SEQUENCE { INTEGER, INTEGER } */
+      if ((err = der_decode_sequence_multi(tmpbuf, t,
+                                           LTC_ASN1_INTEGER, 1UL, key->N, 
+                                           LTC_ASN1_INTEGER, 1UL, key->e, 
+                                           LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
+         XFREE(tmpbuf);
+         goto LBL_ERR;
+      }
+      XFREE(tmpbuf);
+      key->type = PK_PUBLIC;
+      return CRYPT_OK;
+   }
+   XFREE(tmpbuf);
+
+   /* not SSL public key, try to match against PKCS #1 standards */
    if ((err = der_decode_sequence_multi(in, inlen, 
-                                  LTC_ASN1_INTEGER, 1UL, &key->N, 
+                                  LTC_ASN1_INTEGER, 1UL, key->N, 
                                   LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
       goto LBL_ERR;
    }
 
-   if (mp_cmp_d(&key->N, 0) == MP_EQ) {
+   if (mp_cmp_d(key->N, 0) == LTC_MP_EQ) {
+      if ((err = mp_init(&zero)) != CRYPT_OK) { 
+         goto LBL_ERR;
+      }
       /* it's a private key */
       if ((err = der_decode_sequence_multi(in, inlen, 
-                          LTC_ASN1_INTEGER, 1UL, &zero, 
-                          LTC_ASN1_INTEGER, 1UL, &key->N, 
-                          LTC_ASN1_INTEGER, 1UL, &key->e,
-                          LTC_ASN1_INTEGER, 1UL, &key->d, 
-                          LTC_ASN1_INTEGER, 1UL, &key->p, 
-                          LTC_ASN1_INTEGER, 1UL, &key->q, 
-                          LTC_ASN1_INTEGER, 1UL, &key->dP,
-                          LTC_ASN1_INTEGER, 1UL, &key->dQ, 
-                          LTC_ASN1_INTEGER, 1UL, &key->qP, 
+                          LTC_ASN1_INTEGER, 1UL, zero, 
+                          LTC_ASN1_INTEGER, 1UL, key->N, 
+                          LTC_ASN1_INTEGER, 1UL, key->e,
+                          LTC_ASN1_INTEGER, 1UL, key->d, 
+                          LTC_ASN1_INTEGER, 1UL, key->p, 
+                          LTC_ASN1_INTEGER, 1UL, key->q, 
+                          LTC_ASN1_INTEGER, 1UL, key->dP,
+                          LTC_ASN1_INTEGER, 1UL, key->dQ, 
+                          LTC_ASN1_INTEGER, 1UL, key->qP, 
                           LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
+         mp_clear(zero);
          goto LBL_ERR;
       }
+      mp_clear(zero);
       key->type = PK_PRIVATE;
-   } else if (mp_cmp_d(&key->N, 1) == MP_EQ) {
+   } else if (mp_cmp_d(key->N, 1) == LTC_MP_EQ) {
       /* we don't support multi-prime RSA */
       err = CRYPT_PK_INVALID_TYPE;
       goto LBL_ERR;
    } else {
       /* it's a public key and we lack e */
       if ((err = der_decode_sequence_multi(in, inlen, 
-                                     LTC_ASN1_INTEGER, 1UL, &key->N, 
-                                     LTC_ASN1_INTEGER, 1UL, &key->e, 
+                                     LTC_ASN1_INTEGER, 1UL, key->N, 
+                                     LTC_ASN1_INTEGER, 1UL, key->e, 
                                      LTC_ASN1_EOL,     0UL, NULL)) != CRYPT_OK) {
          goto LBL_ERR;
       }
-
-      /* free up some ram */
-      mp_clear_multi(&key->p, &key->q, &key->qP, &key->dP, &key->dQ, NULL);
       key->type = PK_PUBLIC;
    }
    return CRYPT_OK;
 LBL_ERR:
-   mp_clear_multi(&zero, &key->d, &key->e, &key->N, &key->dQ, &key->dP,
-                  &key->qP, &key->p, &key->q, NULL);
+   mp_clear_multi(key->d,  key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
    return err;
 }
 
@@ -88,5 +139,5 @@ LBL_ERR:
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_import.c,v $ */
-/* $Revision: 1.10 $ */
-/* $Date: 2005/06/03 18:48:28 $ */
+/* $Revision: 1.21 $ */
+/* $Date: 2006/12/04 22:23:27 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_make_key.c b/libtomcrypt/src/pk/rsa/rsa_make_key.c
index d874106..bd2a29b 100644
--- a/libtomcrypt/src/pk/rsa/rsa_make_key.c
+++ b/libtomcrypt/src/pk/rsa/rsa_make_key.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -28,10 +28,11 @@
 */
 int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key)
 {
-   mp_int p, q, tmp1, tmp2, tmp3;
+   void *p, *q, *tmp1, *tmp2, *tmp3;
    int    err;
 
-   LTC_ARGCHK(key != NULL);
+   LTC_ARGCHK(ltc_mp.name != NULL);
+   LTC_ARGCHK(key         != NULL);
 
    if ((size < (MIN_RSA_SIZE/8)) || (size > (MAX_RSA_SIZE/8))) {
       return CRYPT_INVALID_KEYSIZE;
@@ -45,81 +46,67 @@ int rsa_make_key(prng_state *prng, int wprng, int size, long e, rsa_key *key)
       return err;
    }
 
-   if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != MP_OKAY) {
-      return mpi_to_ltc_error(err);
+   if ((err = mp_init_multi(&p, &q, &tmp1, &tmp2, &tmp3, NULL)) != CRYPT_OK) {
+      return err;
    }
 
    /* make primes p and q (optimization provided by Wayne Scott) */
-   if ((err = mp_set_int(&tmp3, e)) != MP_OKAY) { goto error; }            /* tmp3 = e */
+   if ((err = mp_set_int(tmp3, e)) != CRYPT_OK)                      { goto errkey; }  /* tmp3 = e */
 
    /* make prime "p" */
    do {
-       if ((err = rand_prime(&p, size*4, prng, wprng)) != CRYPT_OK) { goto done; }
-       if ((err = mp_sub_d(&p, 1, &tmp1)) != MP_OKAY)               { goto error; }  /* tmp1 = p-1 */
-       if ((err = mp_gcd(&tmp1, &tmp3, &tmp2)) != MP_OKAY)          { goto error; }  /* tmp2 = gcd(p-1, e) */
-   } while (mp_cmp_d(&tmp2, 1) != 0);                                                /* while e divides p-1 */
+       if ((err = rand_prime( p, size/2, prng, wprng)) != CRYPT_OK)  { goto errkey; }
+       if ((err = mp_sub_d( p, 1,  tmp1)) != CRYPT_OK)               { goto errkey; }  /* tmp1 = p-1 */
+       if ((err = mp_gcd( tmp1,  tmp3,  tmp2)) != CRYPT_OK)          { goto errkey; }  /* tmp2 = gcd(p-1, e) */
+   } while (mp_cmp_d( tmp2, 1) != 0);                                                  /* while e divides p-1 */
 
    /* make prime "q" */
    do {
-       if ((err = rand_prime(&q, size*4, prng, wprng)) != CRYPT_OK) { goto done; }
-       if ((err = mp_sub_d(&q, 1, &tmp1)) != MP_OKAY)               { goto error; } /* tmp1 = q-1 */
-       if ((err = mp_gcd(&tmp1, &tmp3, &tmp2)) != MP_OKAY)          { goto error; } /* tmp2 = gcd(q-1, e) */
-   } while (mp_cmp_d(&tmp2, 1) != 0);                                               /* while e divides q-1 */
+       if ((err = rand_prime( q, size/2, prng, wprng)) != CRYPT_OK)  { goto errkey; }
+       if ((err = mp_sub_d( q, 1,  tmp1)) != CRYPT_OK)               { goto errkey; } /* tmp1 = q-1 */
+       if ((err = mp_gcd( tmp1,  tmp3,  tmp2)) != CRYPT_OK)          { goto errkey; } /* tmp2 = gcd(q-1, e) */
+   } while (mp_cmp_d( tmp2, 1) != 0);                                                 /* while e divides q-1 */
 
    /* tmp1 = lcm(p-1, q-1) */
-   if ((err = mp_sub_d(&p, 1, &tmp2)) != MP_OKAY)                  { goto error; } /* tmp2 = p-1 */
-                                                                   /* tmp1 = q-1 (previous do/while loop) */
-   if ((err = mp_lcm(&tmp1, &tmp2, &tmp1)) != MP_OKAY)             { goto error; } /* tmp1 = lcm(p-1, q-1) */
+   if ((err = mp_sub_d( p, 1,  tmp2)) != CRYPT_OK)                   { goto errkey; } /* tmp2 = p-1 */
+                                                                                      /* tmp1 = q-1 (previous do/while loop) */
+   if ((err = mp_lcm( tmp1,  tmp2,  tmp1)) != CRYPT_OK)              { goto errkey; } /* tmp1 = lcm(p-1, q-1) */
 
    /* make key */
-   if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP,
-                     &key->qP, &key->p, &key->q, NULL)) != MP_OKAY) {
-      goto error;
+   if ((err = mp_init_multi(&key->e, &key->d, &key->N, &key->dQ, &key->dP, &key->qP, &key->p, &key->q, NULL)) != CRYPT_OK) {
+      goto errkey;
    }
 
-   if ((err = mp_set_int(&key->e, e)) != MP_OKAY)                     { goto error2; } /* key->e =  e */
-   if ((err = mp_invmod(&key->e, &tmp1, &key->d)) != MP_OKAY)         { goto error2; } /* key->d = 1/e mod lcm(p-1,q-1) */
-   if ((err = mp_mul(&p, &q, &key->N)) != MP_OKAY)                    { goto error2; } /* key->N = pq */
+   if ((err = mp_set_int( key->e, e)) != CRYPT_OK)                     { goto errkey; } /* key->e =  e */
+   if ((err = mp_invmod( key->e,  tmp1,  key->d)) != CRYPT_OK)         { goto errkey; } /* key->d = 1/e mod lcm(p-1,q-1) */
+   if ((err = mp_mul( p,  q,  key->N)) != CRYPT_OK)                    { goto errkey; } /* key->N = pq */
 
    /* optimize for CRT now */
    /* find d mod q-1 and d mod p-1 */
-   if ((err = mp_sub_d(&p, 1, &tmp1)) != MP_OKAY)                     { goto error2; } /* tmp1 = q-1 */
-   if ((err = mp_sub_d(&q, 1, &tmp2)) != MP_OKAY)                     { goto error2; } /* tmp2 = p-1 */
-   if ((err = mp_mod(&key->d, &tmp1, &key->dP)) != MP_OKAY)           { goto error2; } /* dP = d mod p-1 */
-   if ((err = mp_mod(&key->d, &tmp2, &key->dQ)) != MP_OKAY)           { goto error2; } /* dQ = d mod q-1 */
-   if ((err = mp_invmod(&q, &p, &key->qP)) != MP_OKAY)                { goto error2; } /* qP = 1/q mod p */
-
-   if ((err = mp_copy(&p, &key->p)) != MP_OKAY)                       { goto error2; }
-   if ((err = mp_copy(&q, &key->q)) != MP_OKAY)                       { goto error2; }
-
-   /* shrink ram required  */
-   if ((err = mp_shrink(&key->e)) != MP_OKAY)                         { goto error2; }
-   if ((err = mp_shrink(&key->d)) != MP_OKAY)                         { goto error2; }
-   if ((err = mp_shrink(&key->N)) != MP_OKAY)                         { goto error2; }
-   if ((err = mp_shrink(&key->dQ)) != MP_OKAY)                        { goto error2; }
-   if ((err = mp_shrink(&key->dP)) != MP_OKAY)                        { goto error2; }
-   if ((err = mp_shrink(&key->qP)) != MP_OKAY)                        { goto error2; }
-   if ((err = mp_shrink(&key->p)) != MP_OKAY)                         { goto error2; }
-   if ((err = mp_shrink(&key->q)) != MP_OKAY)                         { goto error2; }
+   if ((err = mp_sub_d( p, 1,  tmp1)) != CRYPT_OK)                     { goto errkey; } /* tmp1 = q-1 */
+   if ((err = mp_sub_d( q, 1,  tmp2)) != CRYPT_OK)                     { goto errkey; } /* tmp2 = p-1 */
+   if ((err = mp_mod( key->d,  tmp1,  key->dP)) != CRYPT_OK)           { goto errkey; } /* dP = d mod p-1 */
+   if ((err = mp_mod( key->d,  tmp2,  key->dQ)) != CRYPT_OK)           { goto errkey; } /* dQ = d mod q-1 */
+   if ((err = mp_invmod( q,  p,  key->qP)) != CRYPT_OK)                { goto errkey; } /* qP = 1/q mod p */
+
+   if ((err = mp_copy( p,  key->p)) != CRYPT_OK)                       { goto errkey; }
+   if ((err = mp_copy( q,  key->q)) != CRYPT_OK)                       { goto errkey; }
 
    /* set key type (in this case it's CRT optimized) */
    key->type = PK_PRIVATE;
 
    /* return ok and free temps */
    err       = CRYPT_OK;
-   goto done;
-error2:
-   mp_clear_multi(&key->d, &key->e, &key->N, &key->dQ, &key->dP,
-                  &key->qP, &key->p, &key->q, NULL);
-error:
-   err = mpi_to_ltc_error(err);
-done:
-   mp_clear_multi(&tmp3, &tmp2, &tmp1, &p, &q, NULL);
+   goto cleanup;
+errkey:
+   mp_clear_multi(key->d, key->e, key->N, key->dQ, key->dP, key->qP, key->p, key->q, NULL);
+cleanup:
+   mp_clear_multi(tmp3, tmp2, tmp1, p, q, NULL);
    return err;
 }
 
 #endif
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_make_key.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.14 $ */
+/* $Date: 2006/12/04 22:23:27 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_sign_hash.c b/libtomcrypt/src/pk/rsa/rsa_sign_hash.c
index d31bda3..f10a97a 100644
--- a/libtomcrypt/src/pk/rsa/rsa_sign_hash.c
+++ b/libtomcrypt/src/pk/rsa/rsa_sign_hash.c
@@ -6,23 +6,24 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
 /**
   @file rsa_sign_hash.c
-  RSA PKCS v2 PSS sign hash, Tom St Denis
-*/  
+  RSA PKCS #1 v1.5 and v2 PSS sign hash, Tom St Denis and Andreas Lange
+*/
 
 #ifdef MRSA
 
 /**
-  (PKCS #1, v2.0) PSS pad then sign 
+  PKCS #1 pad then sign
   @param in        The hash to sign
   @param inlen     The length of the hash to sign (octets)
   @param out       [out] The signature
-  @param outlen    [in/out] The max size and resulting size of the signature 
+  @param outlen    [in/out] The max size and resulting size of the signature
+  @param padding   Type of padding (LTC_PKCS_1_PSS or LTC_PKCS_1_V1_5)
   @param prng      An active PRNG state
   @param prng_idx  The index of the PRNG desired
   @param hash_idx  The index of the hash desired
@@ -30,50 +31,104 @@
   @param key       The private RSA key to use
   @return CRYPT_OK if successful
 */
-int rsa_sign_hash(const unsigned char *in,       unsigned long  inlen, 
-                        unsigned char *out,      unsigned long *outlen, 
-                        prng_state    *prng,     int            prng_idx,
-                        int            hash_idx, unsigned long  saltlen,
-                        rsa_key *key)
+int rsa_sign_hash_ex(const unsigned char *in,       unsigned long  inlen,
+                           unsigned char *out,      unsigned long *outlen,
+                           int            padding,
+                           prng_state    *prng,     int            prng_idx,
+                           int            hash_idx, unsigned long  saltlen,
+                           rsa_key *key)
 {
-   unsigned long modulus_bitlen, modulus_bytelen, x;
+   unsigned long modulus_bitlen, modulus_bytelen, x, y;
    int           err;
-   
-  LTC_ARGCHK(in       != NULL);
-  LTC_ARGCHK(out      != NULL);
-  LTC_ARGCHK(outlen   != NULL);
-  LTC_ARGCHK(key      != NULL);
-  
-  /* valid prng and hash ? */
-  if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
-     return err;
-  }
-  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
-     return err;
-  }
-  
-  /* get modulus len in bits */
-  modulus_bitlen = mp_count_bits(&(key->N));
+
+   LTC_ARGCHK(in       != NULL);
+   LTC_ARGCHK(out      != NULL);
+   LTC_ARGCHK(outlen   != NULL);
+   LTC_ARGCHK(key      != NULL);
+
+   /* valid padding? */
+   if ((padding != LTC_PKCS_1_V1_5) && (padding != LTC_PKCS_1_PSS)) {
+     return CRYPT_PK_INVALID_PADDING;
+   }
+
+   if (padding == LTC_PKCS_1_PSS) {
+     /* valid prng and hash ? */
+     if ((err = prng_is_valid(prng_idx)) != CRYPT_OK) {
+        return err;
+     }
+     if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
+        return err;
+     }
+   }
+
+   /* get modulus len in bits */
+   modulus_bitlen = mp_count_bits((key->N));
 
   /* outlen must be at least the size of the modulus */
-  modulus_bytelen = mp_unsigned_bin_size(&(key->N));
+  modulus_bytelen = mp_unsigned_bin_size((key->N));
   if (modulus_bytelen > *outlen) {
+     *outlen = modulus_bytelen;
      return CRYPT_BUFFER_OVERFLOW;
   }
-      
-  /* PSS pad the key */
-  x = *outlen;
-  if ((err = pkcs_1_pss_encode(in, inlen, saltlen, prng, prng_idx,
-                               hash_idx, modulus_bitlen, out, &x)) != CRYPT_OK) {
-     return err;
+
+  if (padding == LTC_PKCS_1_PSS) {
+    /* PSS pad the key */
+    x = *outlen;
+    if ((err = pkcs_1_pss_encode(in, inlen, saltlen, prng, prng_idx,
+                                 hash_idx, modulus_bitlen, out, &x)) != CRYPT_OK) {
+       return err;
+    }
+  } else {
+    /* PKCS #1 v1.5 pad the hash */
+    unsigned char *tmpin;
+    ltc_asn1_list digestinfo[2], siginfo[2];
+
+    /* not all hashes have OIDs... so sad */
+    if (hash_descriptor[hash_idx].OIDlen == 0) {
+       return CRYPT_INVALID_ARG;
+    }
+
+    /* construct the SEQUENCE 
+      SEQUENCE {
+         SEQUENCE {hashoid OID
+                   blah    NULL
+         }
+         hash    OCTET STRING 
+      }
+   */
+    LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, hash_descriptor[hash_idx].OID, hash_descriptor[hash_idx].OIDlen);
+    LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL,              NULL,                          0);
+    LTC_SET_ASN1(siginfo,    0, LTC_ASN1_SEQUENCE,          digestinfo,                    2);
+    LTC_SET_ASN1(siginfo,    1, LTC_ASN1_OCTET_STRING,      in,                            inlen);
+
+    /* allocate memory for the encoding */
+    y = mp_unsigned_bin_size(key->N);
+    tmpin = XMALLOC(y);
+    if (tmpin == NULL) {
+       return CRYPT_MEM;
+    }
+
+    if ((err = der_encode_sequence(siginfo, 2, tmpin, &y)) != CRYPT_OK) {
+       XFREE(tmpin);
+       return err;
+    }
+
+    x = *outlen;
+    if ((err = pkcs_1_v1_5_encode(tmpin, y, LTC_PKCS_1_EMSA,
+                                  modulus_bitlen, NULL, 0,
+                                  out, &x)) != CRYPT_OK) {
+      XFREE(tmpin);
+      return err;
+    }
+    XFREE(tmpin);
   }
 
   /* RSA encode it */
-  return rsa_exptmod(out, x, out, outlen, PK_PRIVATE, key);
+  return ltc_mp.rsa_me(out, x, out, outlen, PK_PRIVATE, key);
 }
 
 #endif /* MRSA */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_sign_hash.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/11/09 23:15:39 $ */
diff --git a/libtomcrypt/src/pk/rsa/rsa_verify_hash.c b/libtomcrypt/src/pk/rsa/rsa_verify_hash.c
index 690364d..4b61029 100644
--- a/libtomcrypt/src/pk/rsa/rsa_verify_hash.c
+++ b/libtomcrypt/src/pk/rsa/rsa_verify_hash.c
@@ -6,75 +6,156 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
 /**
   @file rsa_verify_hash.c
-  RSA PKCS v2 PSS signature verification, Tom St Denis
-*/  
+  RSA PKCS #1 v1.5 or v2 PSS signature verification, Tom St Denis and Andreas Lange
+*/
 
 #ifdef MRSA
 
 /**
-  (PKCS #1, v2.0) de-sign then PSS depad
+  PKCS #1 de-sign then v1.5 or PSS depad
   @param sig              The signature data
   @param siglen           The length of the signature data (octets)
   @param hash             The hash of the message that was signed
   @param hashlen          The length of the hash of the message that was signed (octets)
+  @param padding          Type of padding (LTC_PKCS_1_PSS or LTC_PKCS_1_V1_5)
   @param hash_idx         The index of the desired hash
   @param saltlen          The length of the salt used during signature
   @param stat             [out] The result of the signature comparison, 1==valid, 0==invalid
   @param key              The public RSA key corresponding to the key that performed the signature
   @return CRYPT_OK on success (even if the signature is invalid)
 */
-int rsa_verify_hash(const unsigned char *sig,      unsigned long siglen,
-                    const unsigned char *hash,     unsigned long hashlen,
-                          int            hash_idx, unsigned long saltlen,
-                          int           *stat,     rsa_key      *key)
+int rsa_verify_hash_ex(const unsigned char *sig,      unsigned long siglen,
+                       const unsigned char *hash,     unsigned long hashlen,
+                             int            padding,
+                             int            hash_idx, unsigned long saltlen,
+                             int           *stat,     rsa_key      *key)
 {
-   unsigned long modulus_bitlen, modulus_bytelen, x;
-   int           err;
-   unsigned char *tmpbuf;
-   
+  unsigned long modulus_bitlen, modulus_bytelen, x;
+  int           err;
+  unsigned char *tmpbuf;
+
   LTC_ARGCHK(hash  != NULL);
-  LTC_ARGCHK(sig      != NULL);
-  LTC_ARGCHK(stat     != NULL);
-  LTC_ARGCHK(key      != NULL);
+  LTC_ARGCHK(sig   != NULL);
+  LTC_ARGCHK(stat  != NULL);
+  LTC_ARGCHK(key   != NULL);
 
   /* default to invalid */
   *stat = 0;
-  
-  /* valid hash ? */
-  if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
-     return err;
+
+  /* valid padding? */
+
+  if ((padding != LTC_PKCS_1_V1_5) &&
+      (padding != LTC_PKCS_1_PSS)) {
+    return CRYPT_PK_INVALID_PADDING;
   }
-  
+
+  if (padding == LTC_PKCS_1_PSS) {
+    /* valid hash ? */
+    if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
+       return err;
+    }
+  }
+
   /* get modulus len in bits */
-  modulus_bitlen = mp_count_bits(&(key->N));
+  modulus_bitlen = mp_count_bits( (key->N));
 
   /* outlen must be at least the size of the modulus */
-  modulus_bytelen = mp_unsigned_bin_size(&(key->N));
+  modulus_bytelen = mp_unsigned_bin_size( (key->N));
   if (modulus_bytelen != siglen) {
      return CRYPT_INVALID_PACKET;
   }
-  
+
   /* allocate temp buffer for decoded sig */
   tmpbuf = XMALLOC(siglen);
   if (tmpbuf == NULL) {
      return CRYPT_MEM;
   }
-      
+
   /* RSA decode it  */
   x = siglen;
-  if ((err = rsa_exptmod(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
+  if ((err = ltc_mp.rsa_me(sig, siglen, tmpbuf, &x, PK_PUBLIC, key)) != CRYPT_OK) {
      XFREE(tmpbuf);
      return err;
   }
-  
-  /* PSS decode it */
-  err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat);
+
+  /* make sure the output is the right size */
+  if (x != siglen) {
+     XFREE(tmpbuf);
+     return CRYPT_INVALID_PACKET;
+  }
+
+  if (padding == LTC_PKCS_1_PSS) {
+    /* PSS decode and verify it */
+    err = pkcs_1_pss_decode(hash, hashlen, tmpbuf, x, saltlen, hash_idx, modulus_bitlen, stat);
+  } else {
+    /* PKCS #1 v1.5 decode it */
+    unsigned char *out;
+    unsigned long outlen, loid[16];
+    int           decoded;
+    ltc_asn1_list digestinfo[2], siginfo[2];
+
+    /* not all hashes have OIDs... so sad */
+    if (hash_descriptor[hash_idx].OIDlen == 0) {
+       err = CRYPT_INVALID_ARG;
+       goto bail_2;
+    }
+
+    /* allocate temp buffer for decoded hash */
+    outlen = ((modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0)) - 3;
+    out    = XMALLOC(outlen);
+    if (out == NULL) {
+      err = CRYPT_MEM;
+      goto bail_2;
+    }
+
+    if ((err = pkcs_1_v1_5_decode(tmpbuf, x, LTC_PKCS_1_EMSA, modulus_bitlen, out, &outlen, &decoded)) != CRYPT_OK) {
+      XFREE(out);       
+      goto bail_2;
+    }
+
+    /* now we must decode out[0...outlen-1] using ASN.1, test the OID and then test the hash */
+    /* construct the SEQUENCE 
+      SEQUENCE {
+         SEQUENCE {hashoid OID
+                   blah    NULL
+         }
+         hash    OCTET STRING 
+      }
+   */
+    LTC_SET_ASN1(digestinfo, 0, LTC_ASN1_OBJECT_IDENTIFIER, loid, sizeof(loid)/sizeof(loid[0]));
+    LTC_SET_ASN1(digestinfo, 1, LTC_ASN1_NULL,              NULL,                          0);
+    LTC_SET_ASN1(siginfo,    0, LTC_ASN1_SEQUENCE,          digestinfo,                    2);
+    LTC_SET_ASN1(siginfo,    1, LTC_ASN1_OCTET_STRING,      tmpbuf,                        siglen);
+   
+    if ((err = der_decode_sequence(out, outlen, siginfo, 2)) != CRYPT_OK) {
+       XFREE(out);
+       goto bail_2;
+    }
+
+    /* test OID */
+    if ((digestinfo[0].size == hash_descriptor[hash_idx].OIDlen) &&
+        (XMEMCMP(digestinfo[0].data, hash_descriptor[hash_idx].OID, sizeof(unsigned long) * hash_descriptor[hash_idx].OIDlen) == 0) &&
+        (siginfo[1].size == hashlen) &&
+        (XMEMCMP(siginfo[1].data, hash, hashlen) == 0)) {
+       *stat = 1;
+    }
+
+#ifdef LTC_CLEAN_STACK
+    zeromem(out, outlen);
+#endif
+    XFREE(out);
+  }
+
+bail_2:
+#ifdef LTC_CLEAN_STACK
+  zeromem(tmpbuf, siglen);
+#endif
   XFREE(tmpbuf);
   return err;
 }
@@ -82,5 +163,5 @@ int rsa_verify_hash(const unsigned char *sig,      unsigned long siglen,
 #endif /* MRSA */
 
 /* $Source: /cvs/libtom/libtomcrypt/src/pk/rsa/rsa_verify_hash.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.11 $ */
+/* $Date: 2006/12/04 03:09:28 $ */
diff --git a/libtomcrypt/src/prngs/fortuna.c b/libtomcrypt/src/prngs/fortuna.c
index 8a3b8ea..159db52 100644
--- a/libtomcrypt/src/prngs/fortuna.c
+++ b/libtomcrypt/src/prngs/fortuna.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -74,6 +74,7 @@ static int fortuna_reseed(prng_state *prng)
    /* new K == SHA256(K || s) where s == SHA256(P0) || SHA256(P1) ... */
    sha256_init(&md);
    if ((err = sha256_process(&md, prng->fortuna.K, 32)) != CRYPT_OK) {
+      sha256_done(&md, tmp);
       return err;
    }
 
@@ -81,14 +82,19 @@ static int fortuna_reseed(prng_state *prng)
        if (x == 0 || ((prng->fortuna.reset_cnt >> (x-1)) & 1) == 0) { 
           /* terminate this hash */
           if ((err = sha256_done(&prng->fortuna.pool[x], tmp)) != CRYPT_OK) {
+             sha256_done(&md, tmp);
              return err; 
           }
           /* add it to the string */
           if ((err = sha256_process(&md, tmp, 32)) != CRYPT_OK) {
+             sha256_done(&md, tmp);
              return err;
           }
           /* reset this pool */
-          sha256_init(&prng->fortuna.pool[x]);
+          if ((err = sha256_init(&prng->fortuna.pool[x])) != CRYPT_OK) {
+             sha256_done(&md, tmp);
+             return err;
+          }
        } else {
           break;
        }
@@ -123,24 +129,35 @@ static int fortuna_reseed(prng_state *prng)
 */  
 int fortuna_start(prng_state *prng)
 {
-   int err, x;
+   int err, x, y;
+   unsigned char tmp[MAXBLOCKSIZE];
 
    LTC_ARGCHK(prng != NULL);
    
    /* initialize the pools */
    for (x = 0; x < FORTUNA_POOLS; x++) {
-       sha256_init(&prng->fortuna.pool[x]);
+       if ((err = sha256_init(&prng->fortuna.pool[x])) != CRYPT_OK) {
+          for (y = 0; y < x; y++) {
+              sha256_done(&prng->fortuna.pool[y], tmp);
+          }
+          return err;
+       }
    }
-   prng->fortuna.pool_idx = prng->fortuna.pool0_len = prng->fortuna.reset_cnt = 
-   prng->fortuna.wd = 0;
+   prng->fortuna.pool_idx = prng->fortuna.pool0_len = prng->fortuna.wd = 0;
+   prng->fortuna.reset_cnt = 0;
 
    /* reset bufs */
    zeromem(prng->fortuna.K, 32);
    if ((err = rijndael_setup(prng->fortuna.K, 32, 0, &prng->fortuna.skey)) != CRYPT_OK) {
+      for (x = 0; x < FORTUNA_POOLS; x++) {
+          sha256_done(&prng->fortuna.pool[x], tmp);
+      }
       return err;
    }
    zeromem(prng->fortuna.IV, 16);
-
+   
+   LTC_MUTEX_INIT(&prng->fortuna.prng_lock)
+   
    return CRYPT_OK;
 }
 
@@ -159,18 +176,23 @@ int fortuna_add_entropy(const unsigned char *in, unsigned long inlen, prng_state
    LTC_ARGCHK(in  != NULL);
    LTC_ARGCHK(prng != NULL);
 
+   LTC_MUTEX_LOCK(&prng->fortuna.prng_lock);
+
    /* ensure inlen <= 32 */
    if (inlen > 32) {
+      LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
       return CRYPT_INVALID_ARG;
    }
 
    /* add s || length(in) || in to pool[pool_idx] */
    tmp[0] = 0;
-   tmp[1] = inlen;
+   tmp[1] = (unsigned char)inlen;
    if ((err = sha256_process(&prng->fortuna.pool[prng->fortuna.pool_idx], tmp, 2)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
       return err;
    }
    if ((err = sha256_process(&prng->fortuna.pool[prng->fortuna.pool_idx], in, inlen)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
       return err;
    }
    if (prng->fortuna.pool_idx == 0) {
@@ -180,6 +202,7 @@ int fortuna_add_entropy(const unsigned char *in, unsigned long inlen, prng_state
       prng->fortuna.pool_idx = 0;
    }
 
+   LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
    return CRYPT_OK;
 }
 
@@ -209,9 +232,12 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state
    LTC_ARGCHK(out  != NULL);
    LTC_ARGCHK(prng != NULL);
 
+   LTC_MUTEX_LOCK(&prng->fortuna.prng_lock);
+
    /* do we have to reseed? */
    if (++prng->fortuna.wd == FORTUNA_WD || prng->fortuna.pool0_len >= 64) {
       if ((err = fortuna_reseed(prng)) != CRYPT_OK) {
+         LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
          return 0;
       }
    }
@@ -219,7 +245,7 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state
    /* now generate the blocks required */
    tlen = outlen;
 
-   /* handle whole blocks without the extra memcpy */
+   /* handle whole blocks without the extra XMEMCPY */
    while (outlen >= 16) {
       /* encrypt the IV and store it */
       rijndael_ecb_encrypt(prng->fortuna.IV, out, &prng->fortuna.skey);
@@ -239,12 +265,14 @@ unsigned long fortuna_read(unsigned char *out, unsigned long outlen, prng_state
    rijndael_ecb_encrypt(prng->fortuna.IV, prng->fortuna.K   , &prng->fortuna.skey); fortuna_update_iv(prng);
    rijndael_ecb_encrypt(prng->fortuna.IV, prng->fortuna.K+16, &prng->fortuna.skey); fortuna_update_iv(prng);
    if ((err = rijndael_setup(prng->fortuna.K, 32, 0, &prng->fortuna.skey)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
       return 0;
    }
 
 #ifdef LTC_CLEAN_STACK
    zeromem(tmp, sizeof(tmp));
 #endif
+   LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
    return tlen;
 }   
 
@@ -259,10 +287,12 @@ int fortuna_done(prng_state *prng)
    unsigned char tmp[32];
 
    LTC_ARGCHK(prng != NULL);
+   LTC_MUTEX_LOCK(&prng->fortuna.prng_lock);
 
    /* terminate all the hashes */
    for (x = 0; x < FORTUNA_POOLS; x++) {
        if ((err = sha256_done(&(prng->fortuna.pool[x]), tmp)) != CRYPT_OK) {
+          LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
           return err; 
        }
    }
@@ -272,6 +302,7 @@ int fortuna_done(prng_state *prng)
    zeromem(tmp, sizeof(tmp));
 #endif
 
+   LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
    return CRYPT_OK;
 }
 
@@ -291,13 +322,18 @@ int fortuna_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
    LTC_ARGCHK(outlen != NULL);
    LTC_ARGCHK(prng   != NULL);
 
+   LTC_MUTEX_LOCK(&prng->fortuna.prng_lock);
+
    /* we'll write bytes for s&g's */
    if (*outlen < 32*FORTUNA_POOLS) {
+      LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
+      *outlen = 32*FORTUNA_POOLS;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
    md = XMALLOC(sizeof(hash_state));
    if (md == NULL) {
+      LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
       return CRYPT_MEM;
    }
 
@@ -332,6 +368,7 @@ LBL_ERR:
    zeromem(md, sizeof(*md));
 #endif
    XFREE(md);
+   LTC_MUTEX_UNLOCK(&prng->fortuna.prng_lock);
    return err;
 }
  
@@ -386,5 +423,5 @@ int fortuna_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/prngs/fortuna.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.12 $ */
+/* $Date: 2006/12/04 21:34:03 $ */
diff --git a/libtomcrypt/src/prngs/rc4.c b/libtomcrypt/src/prngs/rc4.c
index 4d29d9a..cf118ad 100644
--- a/libtomcrypt/src/prngs/rc4.c
+++ b/libtomcrypt/src/prngs/rc4.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -130,6 +130,10 @@ unsigned long rc4_read(unsigned char *out, unsigned long outlen, prng_state *prn
    LTC_ARGCHK(out != NULL);
    LTC_ARGCHK(prng != NULL);
 
+#ifdef LTC_VALGRIND
+   zeromem(out, outlen);
+#endif
+
    n = outlen;
    x = prng->rc4.x;
    y = prng->rc4.y;
@@ -171,6 +175,7 @@ int rc4_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
    LTC_ARGCHK(prng   != NULL);
 
    if (*outlen < 32) {
+      *outlen = 32;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -211,7 +216,7 @@ int rc4_import(const unsigned char *in, unsigned long inlen, prng_state *prng)
 */  
 int rc4_test(void)
 {
-#ifndef LTC_TEST
+#if !defined(LTC_TEST) || defined(LTC_VALGRIND)
    return CRYPT_NOP;
 #else
    static const struct {
@@ -242,7 +247,7 @@ int rc4_test(void)
           return CRYPT_ERROR_READPRNG;
        }
        rc4_done(&prng);
-       if (memcmp(dst, tests[x].ct, 8)) {
+       if (XMEMCMP(dst, tests[x].ct, 8)) {
 #if 0
           int y;
           printf("\n\nRC4 failed, I got:\n"); 
@@ -260,5 +265,5 @@ int rc4_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/prngs/rc4.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.9 $ */
+/* $Date: 2006/11/16 00:32:18 $ */
diff --git a/libtomcrypt/src/prngs/rng_get_bytes.c b/libtomcrypt/src/prngs/rng_get_bytes.c
index a711dfa..7d332b5 100644
--- a/libtomcrypt/src/prngs/rng_get_bytes.c
+++ b/libtomcrypt/src/prngs/rng_get_bytes.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -50,7 +50,7 @@ static unsigned long rng_nix(unsigned char *buf, unsigned long len,
 #endif /* DEVRANDOM */
 
 /* on ANSI C platforms with 100 < CLOCKS_PER_SEC < 10000 */
-#if defined(CLOCKS_PER_SEC)
+#if defined(CLOCKS_PER_SEC) && !defined(WINCE)
 
 #define ANSI_RNG
 
@@ -87,8 +87,12 @@ static unsigned long rng_ansic(unsigned char *buf, unsigned long len,
 #endif 
 
 /* Try the Microsoft CSP */
-#ifdef WIN32
+#if defined(WIN32) || defined(WINCE)
 #define _WIN32_WINNT 0x0400
+#ifdef WINCE
+   #define UNDER_CE
+   #define ARM
+#endif
 #include <windows.h>
 #include <wincrypt.h>
 
@@ -140,5 +144,5 @@ unsigned long rng_get_bytes(unsigned char *out, unsigned long outlen,
 }
 
 /* $Source: /cvs/libtom/libtomcrypt/src/prngs/rng_get_bytes.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.5 $ */
+/* $Date: 2006/12/06 02:01:29 $ */
diff --git a/libtomcrypt/src/prngs/rng_make_prng.c b/libtomcrypt/src/prngs/rng_make_prng.c
index 51b6e6c..35631ab 100644
--- a/libtomcrypt/src/prngs/rng_make_prng.c
+++ b/libtomcrypt/src/prngs/rng_make_prng.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -65,5 +65,5 @@ int rng_make_prng(int bits, int wprng, prng_state *prng,
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/prngs/rng_make_prng.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/prngs/sober128.c b/libtomcrypt/src/prngs/sober128.c
index c89f01c..0361387 100644
--- a/libtomcrypt/src/prngs/sober128.c
+++ b/libtomcrypt/src/prngs/sober128.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -294,6 +294,10 @@ unsigned long sober128_read(unsigned char *out, unsigned long outlen, prng_state
    LTC_ARGCHK(out  != NULL);
    LTC_ARGCHK(prng != NULL);
 
+#ifdef LTC_VALGRIND
+   zeromem(out, outlen);
+#endif
+
    c = &(prng->sober128);
    t = 0;
    tlen = outlen;
@@ -381,6 +385,7 @@ int sober128_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
    LTC_ARGCHK(prng   != NULL);
 
    if (*outlen < 64) {
+      *outlen = 64;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
@@ -436,11 +441,11 @@ int sober128_test(void)
    16, 4, 20,
 
    /* key */
-   { 't', 'e', 's', 't', ' ', 'k', 'e', 'y', 
-     ' ', '1', '2', '8', 'b', 'i', 't', 's' },
+   { 0x74, 0x65, 0x73, 0x74, 0x20, 0x6b, 0x65, 0x79, 
+     0x20, 0x31, 0x32, 0x38, 0x62, 0x69, 0x74, 0x73 },
 
    /* IV */
-   { 0x00, 0x00, 0x00, 0x0 },
+   { 0x00, 0x00, 0x00, 0x00 },
 
    /* expected output */
    { 0x43, 0x50, 0x0c, 0xcf, 0x89, 0x91, 0x9f, 0x1d,
@@ -469,12 +474,12 @@ int sober128_test(void)
        if ((err = sober128_ready(&prng)) != CRYPT_OK) {
           return err;
        }
-       memset(dst, 0, tests[x].len);
+       XMEMSET(dst, 0, tests[x].len);
        if (sober128_read(dst, tests[x].len, &prng) != (unsigned long)tests[x].len) {
           return CRYPT_ERROR_READPRNG;
        }
        sober128_done(&prng);
-       if (memcmp(dst, tests[x].out, tests[x].len)) {
+       if (XMEMCMP(dst, tests[x].out, tests[x].len)) {
 #if 0
           printf("\n\nSOBER128 failed, I got:\n"); 
           for (y = 0; y < tests[x].len; y++) printf("%02x ", dst[y]);
@@ -491,5 +496,5 @@ int sober128_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/prngs/sober128.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.8 $ */
+/* $Date: 2006/11/05 00:11:36 $ */
diff --git a/libtomcrypt/src/prngs/sprng.c b/libtomcrypt/src/prngs/sprng.c
index 4e657da..190e33d 100644
--- a/libtomcrypt/src/prngs/sprng.c
+++ b/libtomcrypt/src/prngs/sprng.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -132,5 +132,5 @@ int sprng_test(void)
  
 
 /* $Source: /cvs/libtom/libtomcrypt/src/prngs/sprng.c,v $ */
-/* $Revision: 1.3 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.4 $ */
+/* $Date: 2006/03/31 14:15:35 $ */
diff --git a/libtomcrypt/src/prngs/yarrow.c b/libtomcrypt/src/prngs/yarrow.c
index 0e59c22..9fbd4f6 100644
--- a/libtomcrypt/src/prngs/yarrow.c
+++ b/libtomcrypt/src/prngs/yarrow.c
@@ -6,7 +6,7 @@
  * The library is free for all purposes without any express
  * guarantee it works.
  *
- * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.org
+ * Tom St Denis, tomstdenis@gmail.com, http://libtomcrypt.com
  */
 #include "tomcrypt.h"
 
@@ -66,6 +66,12 @@ int yarrow_start(prng_state *prng)
    prng->yarrow.cipher = register_cipher(&rc2_desc);
 #elif defined(NOEKEON)   
    prng->yarrow.cipher = register_cipher(&noekeon_desc);
+#elif defined(ANUBIS)   
+   prng->yarrow.cipher = register_cipher(&anubis_desc);
+#elif defined(KSEED)   
+   prng->yarrow.cipher = register_cipher(&kseed_desc);
+#elif defined(KHAZAD)   
+   prng->yarrow.cipher = register_cipher(&khazad_desc);
 #elif defined(CAST5)
    prng->yarrow.cipher = register_cipher(&cast5_desc);
 #elif defined(XTEA)
@@ -89,6 +95,10 @@ int yarrow_start(prng_state *prng)
    prng->yarrow.hash   = register_hash(&tiger_desc);
 #elif defined(SHA1)
    prng->yarrow.hash   = register_hash(&sha1_desc);
+#elif defined(RIPEMD320)
+   prng->yarrow.hash   = register_hash(&rmd320_desc);
+#elif defined(RIPEMD256)
+   prng->yarrow.hash   = register_hash(&rmd256_desc);
 #elif defined(RIPEMD160)
    prng->yarrow.hash   = register_hash(&rmd160_desc);
 #elif defined(RIPEMD128)
@@ -110,6 +120,7 @@ int yarrow_start(prng_state *prng)
 
    /* zero the memory used */
    zeromem(prng->yarrow.pool, sizeof(prng->yarrow.pool));
+   LTC_MUTEX_INIT(&prng->yarrow.prng_lock)
 
    return CRYPT_OK;
 }
@@ -128,32 +139,40 @@ int yarrow_add_entropy(const unsigned char *in, unsigned long inlen, prng_state
 
    LTC_ARGCHK(in  != NULL);
    LTC_ARGCHK(prng != NULL);
-
+   
+   LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
+   
    if ((err = hash_is_valid(prng->yarrow.hash)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
 
    /* start the hash */
    if ((err = hash_descriptor[prng->yarrow.hash].init(&md)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err; 
    }
 
    /* hash the current pool */
    if ((err = hash_descriptor[prng->yarrow.hash].process(&md, prng->yarrow.pool, 
                                                         hash_descriptor[prng->yarrow.hash].hashsize)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
 
    /* add the new entropy */
    if ((err = hash_descriptor[prng->yarrow.hash].process(&md, in, inlen)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
 
    /* store result */
    if ((err = hash_descriptor[prng->yarrow.hash].done(&md, prng->yarrow.pool)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
 
+   LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
    return CRYPT_OK;
 }
 
@@ -167,18 +186,22 @@ int yarrow_ready(prng_state *prng)
    int ks, err;
 
    LTC_ARGCHK(prng != NULL);
+   LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
 
    if ((err = hash_is_valid(prng->yarrow.hash)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
    
    if ((err = cipher_is_valid(prng->yarrow.cipher)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
 
    /* setup CTR mode using the "pool" as the key */
    ks = (int)hash_descriptor[prng->yarrow.hash].hashsize;
    if ((err = cipher_descriptor[prng->yarrow.cipher].keysize(&ks)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
 
@@ -188,8 +211,10 @@ int yarrow_ready(prng_state *prng)
                         0,                       /* number of rounds */
                         CTR_COUNTER_LITTLE_ENDIAN, /* little endian counter */
                         &prng->yarrow.ctr)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
+   LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
    return CRYPT_OK;
 }
 
@@ -205,13 +230,17 @@ unsigned long yarrow_read(unsigned char *out, unsigned long outlen, prng_state *
    LTC_ARGCHK(out  != NULL);
    LTC_ARGCHK(prng != NULL);
 
+   LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
+
    /* put out in predictable state first */
    zeromem(out, outlen);
    
    /* now randomize it */
    if (ctr_encrypt(out, out, outlen, &prng->yarrow.ctr) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return 0;
    }
+   LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
    return outlen;
 }
 
@@ -222,12 +251,18 @@ unsigned long yarrow_read(unsigned char *out, unsigned long outlen, prng_state *
 */  
 int yarrow_done(prng_state *prng)
 {
+   int err;
    LTC_ARGCHK(prng != NULL);
 
+   LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
+
    /* call cipher done when we invent one ;-) */
 
    /* we invented one */
-   return ctr_done(&prng->yarrow.ctr);
+   err = ctr_done(&prng->yarrow.ctr);
+   
+   LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
+   return err;
 }
 
 /**
@@ -243,12 +278,17 @@ int yarrow_export(unsigned char *out, unsigned long *outlen, prng_state *prng)
    LTC_ARGCHK(outlen != NULL);
    LTC_ARGCHK(prng   != NULL);
 
+   LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
+
    /* we'll write 64 bytes for s&g's */
    if (*outlen < 64) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
+      *outlen = 64;
       return CRYPT_BUFFER_OVERFLOW;
    }
 
    if (yarrow_read(out, 64, prng) != 64) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return CRYPT_ERROR_READPRNG;
    }
    *outlen = 64;
@@ -269,15 +309,21 @@ int yarrow_import(const unsigned char *in, unsigned long inlen, prng_state *prng
 
    LTC_ARGCHK(in   != NULL);
    LTC_ARGCHK(prng != NULL);
+   
+   LTC_MUTEX_LOCK(&prng->yarrow.prng_lock);
 
    if (inlen != 64) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return CRYPT_INVALID_ARG;
    }
 
    if ((err = yarrow_start(prng)) != CRYPT_OK) {
+      LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
       return err;
    }
-   return yarrow_add_entropy(in, 64, prng);
+   err = yarrow_add_entropy(in, 64, prng);
+   LTC_MUTEX_UNLOCK(&prng->yarrow.prng_lock);
+   return err;
 }
 
 /**
@@ -304,7 +350,6 @@ int yarrow_test(void)
       return err; 
    }
 
-   yarrow_done(&prng);
    return CRYPT_OK;
 #endif
 }
@@ -313,5 +358,5 @@ int yarrow_test(void)
 
 
 /* $Source: /cvs/libtom/libtomcrypt/src/prngs/yarrow.c,v $ */
-/* $Revision: 1.5 $ */
-/* $Date: 2005/05/05 14:35:59 $ */
+/* $Revision: 1.10 $ */
+/* $Date: 2006/11/14 04:21:17 $ */
author	Matt Johnston <matt@ucc.asn.au>	2007-01-11 02:41:05 +0000
committer	Matt Johnston <matt@ucc.asn.au>	2007-01-11 02:41:05 +0000
commit	a938f4cfe140e8561d9dbf108b896492a662a893 (patch)
tree	f2a74322f959ff6a505ba5e87274ebe3d17d5e74 /libtomcrypt/src
parent	692d737a821c5e401c227d936b8f0d76b955650f (diff)
parent	28ad393b008b34bc3cdbaa192440b8cc615329f0 (diff)