
Merge pull request #704 from libtom/minor-improvements

Minor improvements
Steffen Jaeckel 1 сар өмнө
parent
commit
c421e570c6
64 өөрчлөгдсөн 5648 нэмэгдсэн , 9560 устгасан
  1. 9 0
      .ci/cmake.bat
  2. 13 1
      .ci/coverage_more.sh
  3. 2 2
      .ci/meta_builds.sh
  4. 0 1
      .github/workflows/main.yml
  5. 5 3
      .gitignore
  6. 14 17
      CMakeLists.txt
  7. 4 11
      appveyor.yml
  8. 12 24
      demos/CMakeLists.txt
  9. 327 0
      demos/der_print_flexi.c
  10. 59 2
      demos/latex-tables.c
  11. 46 47
      doc/crypt.tex
  12. 1 1
      doc/makefile
  13. 2 0
      makefile.mingw
  14. 2 0
      makefile.msvc
  15. 2 0
      makefile.unix
  16. 7 1
      makefile_include.mk
  17. 2477 4484
      notes/hash_tv.txt
  18. 2477 4484
      notes/hmac_tv.txt
  19. 5 1
      src/ciphers/aes/aes_desc.c
  20. 3 2
      src/ciphers/aes/aesni.c
  21. 4 4
      src/headers/tomcrypt_argchk.h
  22. 22 6
      src/headers/tomcrypt_cfg.h
  23. 2 1
      src/headers/tomcrypt_cipher.h
  24. 2 0
      src/headers/tomcrypt_custom.h
  25. 10 10
      src/headers/tomcrypt_macros.h
  26. 0 9
      src/headers/tomcrypt_misc.h
  27. 2 1
      src/headers/tomcrypt_pk.h
  28. 1 0
      src/headers/tomcrypt_private.h
  29. 2 1
      src/mac/hmac/hmac_memory_multi.c
  30. 2 1
      src/misc/crypt/crypt_find_hash_any.c
  31. 0 22
      src/misc/crypt/crypt_inits.c
  32. 35 35
      src/misc/crypt/crypt_register_all_hashes.c
  33. 10 8
      src/misc/crypt/crypt_register_cipher.c
  34. 11 9
      src/misc/crypt/crypt_register_hash.c
  35. 10 8
      src/misc/crypt/crypt_register_prng.c
  36. 4 0
      src/misc/pbes/pbes2.c
  37. 1 1
      src/misc/pem/pem_ssh.c
  38. 2 2
      src/pk/asn1/der/bit/der_decode_bit_string.c
  39. 2 2
      src/pk/asn1/der/bit/der_decode_raw_bit_string.c
  40. 2 0
      src/pk/asn1/x509/x509_decode_subject_public_key_info.c
  41. 4 0
      src/pk/ec25519/tweetnacl.c
  42. 16 0
      src/pk/ecc/ecc_find_curve.c
  43. 2 2
      src/pk/ecc/ecc_rfc6979_key.c
  44. 1 0
      src/pk/ed25519/ed25519_sign.c
  45. 1 0
      src/pk/ed25519/ed25519_verify.c
  46. 20 348
      tests/der_test.c
  47. 0 1
      tests/no_prng.c
  48. 4 0
      tests/rsa-pkcs8/README.txt
  49. BIN
      tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha3_224_aes256_cbc.der
  50. BIN
      tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha3_256_aes256_cbc.der
  51. BIN
      tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha3_384_aes256_cbc.der
  52. BIN
      tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha3_512_aes256_cbc.der
  53. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbe_md2_des.der
  54. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbe_md2_rc2_64.der
  55. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbe_md5_des.der
  56. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbe_md5_rc2_64.der
  57. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbe_sha1_rc2_64.der
  58. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_rc2_cbc.der
  59. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_sha512_256_rc2_40_cbc.der
  60. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_sha512_256_rc2_64_cbc.der
  61. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_sha512_rc2_40_cbc.der
  62. 0 0
      tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_sha512_rc2_64_cbc.der
  63. 3 2
      tests/rsa_test.c
  64. 6 6
      tests/store_test.c

+ 9 - 0
.ci/cmake.bat

@@ -0,0 +1,9 @@
+
+if "Visual Studio 2017"=="%APPVEYOR_BUILD_WORKER_IMAGE%" goto :eof
+if "Visual Studio 2015"=="%APPVEYOR_BUILD_WORKER_IMAGE%" goto :eof
+
+mkdir build
+cd build
+cmake -G "Ninja" ..
+ninja
+cd..
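Review bot: Neither `cmake -G "Ninja" ..` nor `ninja` has its exit status checked, so a failed configure or build keeps the script running to `cd..` and, depending on how the caller inspects errorlevel, can be reported as success; `cmake -G "Ninja" .. || exit /b 1` and `ninja || exit /b 1` would stop at the first failure. The trailing `cd..` is a deliberate side effect the AppVeyor caller depends on, since the `nmake` that follows expects to run in the source directory; a comment such as `rem intentionally leaves the caller one level up, in the source directory` would keep the next editor from "fixing" it. The two `goto :eof` lines skip the CMake build entirely on the older worker images; a one-line comment stating why those images are excluded would help as well.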

+ 13 - 1
.ci/coverage_more.sh

@@ -2,14 +2,26 @@
 
 set -e
 
+function pdiv() {
+  printf "\n====== %s ======\n" "$*"
+}
+
 if [ "$#" = "1" -a "$(echo $1 | grep 'gmp')" != "" ]; then
+   pdiv "Test GMP"
    ./test t gmp
 fi
 
+pdiv "Sizes"
 ./sizes
+pdiv "Constants"
 ./constants
 
-for i in $(for j in $(echo $(./hashsum -h | awk '/Algorithms/,EOF' | tail -n +2)); do echo $j; done | sort); do echo -n "$i: " && ./hashsum -a $i tests/test.key ; done > hashsum_tv.txt
+pdiv "Generate hashsum_tv.txt"
+for i in $(for j in $(echo $(./hashsum -h | awk '/Algorithms/,EOF' | tail -n +2)); do echo $j; done | sort); do
+  echo -n "$i: " && ./hashsum -a $i tests/test.key
+done > hashsum_tv.txt
+
+pdiv "Compare hashsum_tv.txt"
 difftroubles=$(diff -i -w -B hashsum_tv.txt notes/hashsum_tv.txt | grep '^<') || true
 if [ -n "$difftroubles" ]; then
   echo "FAILURE: hashsum_tv.tx"

+ 2 - 2
.ci/meta_builds.sh

@@ -22,12 +22,12 @@ fi
 function run_gcc() {
    bash .ci/check_source.sh "CHECK_SOURCES" "$2" "$3" "$4" "$5"
 
-   make -j$(nproc) pem-info V=0
+   make -j$(nproc) latex-tables V=0
 
    echo "verify docs..."
    while read -r line; do
      grep -q -e "$line" doc/crypt.tex || { echo "Failed to find \"$line\" in doc/crypt.tex"; exit 1; }
-   done < <(./pem-info | grep '^\\' | sed 's@\\@\\\\@g')
+   done < <(./latex-tables | grep '^\\' | sed 's@\\@\\\\@g')
    echo "docs OK"
 
    make clean &>/dev/null

+ 0 - 1
.github/workflows/main.yml

@@ -46,7 +46,6 @@ jobs:
           - { BUILDNAME: 'VALGRIND',                BUILDOPTIONS: '',                                                                     BUILDSCRIPT: '.ci/valgrind.sh' }
           - { BUILDNAME: 'STOCK',                   BUILDOPTIONS: '',                                                                     BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'STOCK-MPI',               BUILDOPTIONS: '-ULTM_DESC -UTFM_DESC -UUSE_LTM -UUSE_TFM',                            BUILDSCRIPT: '.ci/run.sh' }
-          - { BUILDNAME: 'STOCK+AESNI',             BUILDOPTIONS: '-DLTC_AES_NI',                                                         BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'EASY',                    BUILDOPTIONS: '-DLTC_EASY',                                                           BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'SMALL',                   BUILDOPTIONS: '-DLTC_SMALL_CODE',                                                     BUILDSCRIPT: '.ci/run.sh' }
           - { BUILDNAME: 'NO_TABLES',               BUILDOPTIONS: '-DLTC_NO_TABLES',                                                      BUILDSCRIPT: '.ci/run.sh' }

+ 5 - 3
.gitignore

@@ -32,6 +32,8 @@ constants
 constants.exe
 crypt
 crypt.exe
+der_print_flexi
+der_print_flexi.exe
 hashsum
 hashsum.exe
 multi
@@ -40,8 +42,8 @@ openssl-enc
 openssl-enc.exe
 openssh-privkey
 openssh-privkey.exe
-pem-info
-pem-info.exe
+latex-tables
+latex-tables.exe
 sizes
 sizes.exe
 small
@@ -107,7 +109,7 @@ doxygen/
 *.lof
 *.bak
 
-coverage/
+coverage*/
 coverage*.info
 
 # coverity intermediate directory etc.

+ 14 - 17
CMakeLists.txt

@@ -3,7 +3,7 @@
 # LibTomCrypt, modular cryptographic library -- Tom St Denis
 #
 
-cmake_minimum_required(VERSION 3.10)
+cmake_minimum_required(VERSION 3.22)
 
 project(
     libtomcrypt
@@ -50,23 +50,11 @@ option(BUILD_SHARED_LIBS
 )
 option(WITH_PTHREAD "Build with pthread support" FALSE)
 
-# -----------------------------------------------------------------------------
-# Add support for ccache if desired
-# -----------------------------------------------------------------------------
-find_program(CCACHE ccache)
-
-if(CCACHE)
-    option(ENABLE_CCACHE "Enable ccache." ON)
-endif()
-
-# use ccache if installed
-if(CCACHE AND ENABLE_CCACHE)
-    set(CMAKE_C_COMPILER_LAUNCHER ${CCACHE})
-endif()
-
 # -----------------------------------------------------------------------------
 # Compose CFLAGS
 # -----------------------------------------------------------------------------
+set(LTC_CFLAGS "" CACHE STRING "Optional user-specific CFLAGS")
+set(LTC_LDFLAGS "" CACHE STRING "Optional user-specific LDFLAGS")
 
 # Some information ported from makefile_include.mk
 
@@ -94,8 +82,17 @@ else()
         -Wsystem-headers
     )
     set(CMAKE_C_FLAGS_DEBUG "-g3")
-    set(CMAKE_C_FLAGS_RELEASE "-O3 -funroll-loops -fomit-frame-pointer")
-    set(CMAKE_C_FLAGS_RELWITHDEBINFO "-g3 -O2")
+    if(LTC_CFLAGS MATCHES "-DARGTYPE")
+        set(ARGTYPE "")
+    else()
+        set(ARGTYPE "-DARGTYPE=4")
+    endif()
+    set(CMAKE_C_FLAGS_RELEASE "-O3 -funroll-loops -fomit-frame-pointer ${ARGTYPE}")
+    if(BUILD_SHARED_LIBS)
+        set(CMAKE_C_FLAGS_RELWITHDEBINFO "-g3 -O2 ${ARGTYPE}")
+    else()
+        set(CMAKE_C_FLAGS_RELWITHDEBINFO "-g3 -O2")
+    endif()
     set(CMAKE_C_FLAGS_MINSIZEREL "-Os")
 endif()
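Review bot: The new `-DARGTYPE=4` in `CMAKE_C_FLAGS_RELEASE` (and, only when `BUILD_SHARED_LIBS` is on, in `CMAKE_C_FLAGS_RELWITHDEBINFO`) changes the behaviour of a Release build of the library for every consumer: if `ARGTYPE=4` is still the empty-macro variant of `LTC_ARGCHK` in `tomcrypt_argchk.h`, public API calls with NULL or out-of-range arguments are no longer rejected, so the `set(ARGTYPE "-DARGTYPE=4")` line deserves a comment stating that intent, e.g. `# Release builds compile LTC_ARGCHK out (ARGTYPE=4); put -DARGTYPE=<n> in LTC_CFLAGS to override`, plus a mention in the build documentation. Gating the flag on `BUILD_SHARED_LIBS` for RelWithDebInfo but not for Release reads like an inconsistency rather than a choice; if it is deliberate, the why belongs in the same comment. The override check inspects only `LTC_CFLAGS`, so a user who passes `-DARGTYPE=…` through `CMAKE_C_FLAGS` ends up with two definitions on the command line and, since per-config flags follow `CMAKE_C_FLAGS`, presumably gets `=4` regardless; matching against `CMAKE_C_FLAGS` as well would avoid that.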
 

+ 4 - 11
appveyor.yml

@@ -20,25 +20,18 @@ build_script:
       if "Visual Studio 2015"=="%APPVEYOR_BUILD_WORKER_IMAGE%" call "C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat" x86_amd64
       cd..
       git clone https://github.com/libtom/libtommath.git --branch=master
+      cp libtomcrypt\.ci\cmake.bat libtommath\cmake.bat
       cd libtommath
-      mkdir build
-      cd build
-      cmake -G "Ninja" ..
-      ninja
-      cd..
+      cmake.bat
       nmake -f makefile.msvc
       cd..
       cd libtomcrypt
-      mkdir build
-      cd build
-      cmake -G "Ninja" ..
-      ninja
-      cd..
+      .ci\cmake.bat
       nmake -f makefile.msvc all
       cp test.exe test-stock.exe
       cp timing.exe timing-stock.exe
       nmake -f makefile.msvc clean
-      nmake -f makefile.msvc all CFLAGS="/Ox /DUSE_LTM /DLTM_DESC /DLTC_AES_NI /I../libtommath"
+      nmake -f makefile.msvc all CFLAGS="/Ox /DUSE_LTM /DLTM_DESC /DLTC_NO_AES_NI /I../libtommath"
 test_script:
 - cmd: >-
     test-stock.exe
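Review bot: `cmake.bat` (right after `cd libtommath`) and `.ci\cmake.bat` are invoked without `call`; if AppVeyor runs this `cmd:` block as a single batch script, control does not come back from a batch file started that way and the `nmake` lines after it never execute, so `call cmake.bat` and `call .ci\cmake.bat` are the safe form in either execution model. The copied script ends with `cd..`, meaning the caller relies on the callee's working-directory side effect; a short comment on the `cp libtomcrypt\.ci\cmake.bat` line would make that dependency visible. Switching the second build from `/DLTC_AES_NI` to `/DLTC_NO_AES_NI` reads as though AES-NI became the default elsewhere in this PR; one sentence in the description would spare the next reader from inferring it.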

+ 12 - 24
demos/CMakeLists.txt

@@ -1,13 +1,6 @@
 # -----------------------------------------------------------------------------
 # Options
 # -----------------------------------------------------------------------------
-option(BUILD_USEFUL_DEMOS "Build useful demos (hashsum)" FALSE)
-option(
-    BUILD_USABLE_DEMOS
-    "Build usable demos (aesgcm constants crypt openssh-privkey openssl-enc pem-info sizes timing)"
-    FALSE
-)
-option(BUILD_TEST_DEMOS "Build test demos (small tv_gen)" FALSE)
 
 option(INSTALL_DEMOS "Install enabled demos (USEFUL and/or USABLE) and ltc wrapper script" FALSE)
 
@@ -16,11 +9,13 @@ option(INSTALL_DEMOS "Install enabled demos (USEFUL and/or USABLE) and ltc wrapp
 #
 # Demos that are even somehow useful and could be installed as a system-tool
 #
-# * USEFUL_DEMOS   = hashsum
 # -----------------------------------------------------------------------------
+set(USEFUL_DEMOS hashsum)
+list(JOIN USEFUL_DEMOS " " USEFUL_DEMOS_STR)
+option(BUILD_USEFUL_DEMOS "Build useful demos (${USEFUL_DEMOS_STR})" FALSE)
 
 if(BUILD_USEFUL_DEMOS)
-    list(APPEND USABLE_DEMOS_TARGETS hashsum)
+    list(APPEND USABLE_DEMOS_TARGETS ${USEFUL_DEMOS})
 endif()
 
 # -----------------------------------------------------------------------------
@@ -28,22 +23,13 @@ endif()
 #
 # Demos that are usable but only rarely make sense to be installed
 #
-# USEABLE_DEMOS  = aesgcm constants crypt openssh-privkey openssl-enc pem-info sizes timing
 # -----------------------------------------------------------------------------
+set(USABLE_DEMOS aesgcm constants crypt der_print_flexi latex-tables openssh-privkey openssl-enc sizes timing)
+list(JOIN USABLE_DEMOS " " USABLE_DEMOS_STR)
+option(BUILD_USABLE_DEMOS "Build usable demos (${USABLE_DEMOS_STR})" FALSE)
 
 if(BUILD_USABLE_DEMOS)
-    list(
-        APPEND
-        USABLE_DEMOS_TARGETS
-        aesgcm
-        constants
-        crypt
-        openssh-privkey
-        openssl-enc
-        pem-info
-        sizes
-        timing
-    )
+    list(APPEND USABLE_DEMOS_TARGETS ${USABLE_DEMOS})
 endif()
 
 # -----------------------------------------------------------------------------
@@ -51,11 +37,13 @@ endif()
 #
 # Demos that are used for testing or measuring
 #
-# * TEST_DEMOS     = small tv_gen
 # -----------------------------------------------------------------------------
+set(TEST_DEMOS small tv_gen)
+list(JOIN TEST_DEMOS " " TEST_DEMOS_STR)
+option(BUILD_TEST_DEMOS "Build test demos (${TEST_DEMOS_STR})" FALSE)
 
 if(BUILD_TEST_DEMOS)
-    list(APPEND ALL_DEMOS_TARGETS small tv_gen)
+    list(APPEND ALL_DEMOS_TARGETS ${TEST_DEMOS})
 endif()
 
 # -----------------------------------------------------------------------------

+ 327 - 0
demos/der_print_flexi.c

@@ -0,0 +1,327 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis */
+/* SPDX-License-Identifier: Unlicense */
+/* DER flexi-decode a certificate */
+#include "tomcrypt_private.h"
+#include <wchar.h>
+
+#define ASN1_FMTSTRING_FMT "line: %d, type=%d, size=%lu, data=%p, self=%p, next=%p, prev=%p, parent=%p, child=%p"
+#define ASN1_FMTSTRING_VAL(l)  __LINE__, (l)->type, (l)->size, (l)->data, (l), (l)->next, (l)->prev, (l)->parent, (l)->child
+
+static void* s_xmalloc(int l)
+{
+   void *r = XCALLOC(1, l);
+
+#if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 3
+   fprintf(stderr, "ALLOC %9d to %p\n", l, r);
+#endif
+   if (!r) {
+      fprintf(stderr, "Could not allocate %d bytes of memory\n", l);
+      exit(EXIT_FAILURE);
+   }
+   return r;
+}
+
+#ifndef S_FREE
+static void s_free(void *p)
+{
+#if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 3
+   fprintf(stderr, "FREE %p\n", p);
+#endif
+   XFREE(p);
+}
+#endif
+
+static void s_der_print_flexi_i(const ltc_asn1_list* l, unsigned int level)
+{
+   char *buf = NULL;
+   const char *name = NULL;
+   const char *text = NULL;
+   ltc_asn1_list *ostring = NULL;
+   unsigned int n;
+   int slen;
+   const wchar_t *wtmp;
+
+   switch (l->type)
+   {
+      case LTC_ASN1_EOL:
+         name = "EOL";
+         slen = snprintf(NULL, 0, ASN1_FMTSTRING_FMT "\n", ASN1_FMTSTRING_VAL(l));
+         buf = s_xmalloc(slen);
+         snprintf(buf, slen, ASN1_FMTSTRING_FMT "\n", ASN1_FMTSTRING_VAL(l));
+         text = buf;
+         break;
+      case LTC_ASN1_BOOLEAN:
+         name = "BOOLEAN";
+         {
+            if (*(int*) l->data)
+               text = "true";
+            else
+               text = "false";
+         }
+         break;
+      case LTC_ASN1_INTEGER:
+         name = "INTEGER";
+         buf = s_xmalloc(((ltc_mp_get_digit_count(l->data) + 1) * ltc_mp.bits_per_digit) / 3);
+         ltc_mp_toradix(l->data, buf, 10);
+         text = buf;
+         break;
+      case LTC_ASN1_SHORT_INTEGER:
+         name = "SHORT INTEGER";
+         break;
+      case LTC_ASN1_BIT_STRING:
+         name = "BIT STRING";
+         if (l->size <= 16) {
+            int r;
+            int sz = l->size + 1;
+            char *s = buf = s_xmalloc(sz);
+            for (n = 0; n < l->size; ++n) {
+               r = snprintf(s, sz, "%c", ((unsigned char*) l->data)[n] ? '1' : '0');
+               if (r < 0 || r >= sz) {
+                  fprintf(stderr, "%s boom\n", name);
+                  exit(EXIT_FAILURE);
+               }
+               s += r;
+               sz -= r;
+            }
+         } else {
+            slen = snprintf(NULL, 0, "Length %lu", l->size);
+            buf = s_xmalloc(slen);
+            snprintf(buf, slen, "Length %lu", l->size);
+         }
+         text = buf;
+         break;
+      case LTC_ASN1_OCTET_STRING:
+         name = "OCTET STRING";
+         {
+            unsigned long ostring_l = l->size;
+            /* sometimes there's another sequence in an octet string...
+             * try to decode that... if it fails print out the octet string
+             */
+            if (der_decode_sequence_flexi(l->data, &ostring_l, &ostring) == CRYPT_OK) {
+               text = "";
+            } else {
+               int r;
+               int sz = l->size * 2 + 1;
+               char *s = buf = s_xmalloc(sz);
+               for (n = 0; n < l->size; ++n) {
+                  r = snprintf(s, sz, "%02X", ((unsigned char*) l->data)[n]);
+                  if (r < 0 || r >= sz) {
+                     fprintf(stderr, "%s boom\n", name);
+                     exit(EXIT_FAILURE);
+                  }
+                  s += r;
+                  sz -= r;
+               }
+               text = buf;
+            }
+         }
+         break;
+      case LTC_ASN1_NULL:
+         name = "NULL";
+         text = "";
+         break;
+      case LTC_ASN1_OBJECT_IDENTIFIER:
+         name = "OBJECT IDENTIFIER";
+         {
+            unsigned long len = 0;
+            if (pk_oid_num_to_str(l->data, l->size, buf, &len) != CRYPT_BUFFER_OVERFLOW) {
+               fprintf(stderr, "%s WTF\n", name);
+               exit(EXIT_FAILURE);
+            }
+            buf = s_xmalloc(len);
+            if (pk_oid_num_to_str(l->data, l->size, buf, &len) != CRYPT_OK) {
+               fprintf(stderr, "%s boom\n", name);
+               exit(EXIT_FAILURE);
+            }
+            text = buf;
+         }
+         break;
+      case LTC_ASN1_IA5_STRING:
+         name = "IA5 STRING";
+         text = l->data;
+         break;
+      case LTC_ASN1_PRINTABLE_STRING:
+         name = "PRINTABLE STRING";
+         text = l->data;
+         break;
+      case LTC_ASN1_UTF8_STRING:
+         name = "UTF8 STRING";
+         wtmp = l->data;
+         slen = wcsrtombs(NULL, &wtmp, 0, NULL);
+         if (slen != -1) {
+            slen++;
+            buf = s_xmalloc(slen);
+            if (wcsrtombs(buf, &wtmp, slen, NULL) == (size_t)-1) {
+               fprintf(stderr, "%s boom\n", name);
+               exit(EXIT_FAILURE);
+            }
+            text = buf;
+         }
+         break;
+      case LTC_ASN1_UTCTIME:
+         name = "UTCTIME";
+         {
+            ltc_utctime *ut = l->data;
+            slen = 32;
+            buf = s_xmalloc(slen);
+            snprintf(buf, slen, "%02d-%02d-%02d %02d:%02d:%02d %c%02d:%02d", ut->YY, ut->MM, ut->DD, ut->hh, ut->mm,
+                     ut->ss, ut->off_dir ? '-' : '+', ut->off_hh, ut->off_mm);
+            text = buf;
+         }
+         break;
+      case LTC_ASN1_GENERALIZEDTIME:
+         name = "GENERALIZED TIME";
+         {
+            ltc_generalizedtime *gt = l->data;
+            slen = 32;
+            buf = s_xmalloc(slen);
+            if (gt->fs)
+               snprintf(buf, slen, "%04d-%02d-%02d %02d:%02d:%02d.%02dZ", gt->YYYY, gt->MM, gt->DD, gt->hh, gt->mm,
+                        gt->ss, gt->fs);
+            else
+               snprintf(buf, slen, "%04d-%02d-%02d %02d:%02d:%02dZ", gt->YYYY, gt->MM, gt->DD, gt->hh, gt->mm, gt->ss);
+            text = buf;
+         }
+         break;
+      case LTC_ASN1_CHOICE:
+         name = "CHOICE";
+         break;
+      case LTC_ASN1_SEQUENCE:
+         name = "SEQUENCE";
+         text = "";
+         break;
+      case LTC_ASN1_SET:
+         name = "SET";
+         text = "";
+         break;
+      case LTC_ASN1_SETOF:
+         name = "SETOF";
+         text = "";
+         break;
+      case LTC_ASN1_RAW_BIT_STRING:
+         name = "RAW BIT STRING";
+         break;
+      case LTC_ASN1_TELETEX_STRING:
+         name = "TELETEX STRING";
+         text = l->data;
+         break;
+      case LTC_ASN1_CUSTOM_TYPE:
+         name = "NON STANDARD";
+         {
+            int r;
+            int sz = 128;
+            char *s = buf = s_xmalloc(sz);
+
+            r = snprintf(s, sz, "[%s %s %llu]", der_asn1_class_to_string_map[l->klass],
+                         der_asn1_pc_to_string_map[l->pc], l->tag);
+            if (r < 0 || r >= sz) {
+               fprintf(stderr, "%s boom\n", name);
+               exit(EXIT_FAILURE);
+            }
+
+            text = buf;
+         }
+         break;
+   }
+
+   for (n = 0; n < level; ++n) {
+      fprintf(stderr, "    ");
+   }
+   if (name) {
+      if (text)
+         fprintf(stderr, "%s %s\n", name, text);
+      else
+         fprintf(stderr, "%s <missing decoding>\n", name);
+   } else
+      fprintf(stderr, "WTF type=%i\n", l->type);
+
+   if (buf) {
+      s_free(buf);
+      buf = NULL;
+   }
+
+   if (ostring) {
+      s_der_print_flexi_i(ostring, level + 1);
+      der_free_sequence_flexi(ostring);
+   }
+
+   if (l->child) s_der_print_flexi_i(l->child, level + 1);
+
+   if (l->next) s_der_print_flexi_i(l->next, level);
+}
+
+#ifndef LTC_DER_PRINT_FLEXI_NO_MAIN
+
+static void s_der_print_flexi(const ltc_asn1_list* l)
+{
+   fprintf(stderr, "\n\n");
+   s_der_print_flexi_i(l, 0);
+   fprintf(stderr, "\n\n");
+}
+
+#include <sys/mman.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+static int fd;
+static ltc_asn1_list *l;
+
+static void print_err(const char *fmt, ...)
+{
+   va_list args;
+
+   va_start(args, fmt);
+   vfprintf(stderr, fmt, args);
+   va_end(args);
+}
+
+static void die_(int err, int line)
+{
+   print_err("%3d: LTC sez %s\n", line, error_to_string(err));
+   der_free_sequence_flexi(l);
+   close(fd);
+   exit(EXIT_FAILURE);
+}
+
+#define die(i) do { die_(i, __LINE__); } while(0)
+#define DIE(s, ...) do { print_err("%3d: " s "\n", __LINE__, ##__VA_ARGS__); exit(EXIT_FAILURE); } while(0)
+
+int main(int argc, char **argv)
+{
+   void *addr;
+   int err, argn = 1;
+   struct stat sb;
+   unsigned long len;
+
+   if ((err = register_all_hashes()) != CRYPT_OK) {
+      die(err);
+   }
+   if ((err = crypt_mp_init("ltm")) != CRYPT_OK) {
+      die(err);
+   }
+   if (argc > argn) fd = open(argv[argn], O_RDONLY);
+   else fd = STDIN_FILENO;
+   if (fd == -1) DIE("open sez no");
+   if (fstat(fd, &sb) == -1) DIE("fstat");
+
+   addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
+   if (addr == MAP_FAILED) DIE("mmap");
+
+   len = sb.st_size;
+
+   if ((err = der_decode_sequence_flexi(addr, &len, &l)) != CRYPT_OK) {
+      die(err);
+   }
+
+   s_der_print_flexi(l);
+
+   der_free_sequence_flexi(l);
+   close(fd);
+
+   return 0;
+}
+
+#endif /* LTC_DER_PRINT_FLEXI_NO_MAIN */
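Review bot: The two `snprintf(NULL, 0, …)` size probes (the `LTC_ASN1_EOL` case and the `"Length %lu"` branch of `LTC_ASN1_BIT_STRING`) allocate `slen` bytes and then print with size `slen`, but the probe's return value excludes the terminating NUL, so the final character is dropped each time — harmless for the EOL newline, but `Length 12` is printed as `Length 1`; both call pairs should use `slen + 1`, as the `LTC_ASN1_UTF8_STRING` case already does via its `slen++`. `main()` maps whatever `fstat()` reports without checking that `fd` is a regular file with a non-zero size, so a certificate piped on stdin fails inside `mmap` with a message that does not say why; a `if (!S_ISREG(sb.st_mode) || sb.st_size == 0) DIE("need a non-empty regular file");` before the map would make that explicit. The sibling walk at the end, `if (l->next) s_der_print_flexi_i(l->next, level);`, recurses once per element, so a long SEQUENCE in an untrusted input grows the stack linearly with element count; iterating siblings with `for (; l; l = l->next)` would bound recursion to the nesting depth. The `main()` half also includes `<sys/mman.h>` and `<unistd.h>` unconditionally while `demos/CMakeLists.txt` adds this demo to `BUILD_USABLE_DEMOS` on every platform, so MSVC users who enable that option will presumably get a build failure unless the target is guarded.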

+ 59 - 2
demos/pem-info.c → demos/latex-tables.c

@@ -74,13 +74,26 @@ static void LTC_NORETURN die(int status)
 {
    FILE* o = status == EXIT_SUCCESS ? stdout : stderr;
    fprintf(o,
-         "Usage: pem-info [<-h>]\n\n"
-         "Generate LaTeX tables from the supported PEM resp. SSH ciphers.\n\n"
+         "Usage: latex-tables [<-h>]\n\n"
+         "Generate LaTeX tables from some library internal data.\n\n"
          "\t-h\tThe help you're looking at.\n"
    );
    exit(status);
 }
 
+static int s_to_lower(const char *in, char *out, unsigned long *outlen)
+{
+   unsigned long n;
+   for (n = 0; n < *outlen && in[n]; ++n) {
+      out[n] = tolower(in[n]);
+   }
+   if (n == *outlen)
+      return CRYPT_BUFFER_OVERFLOW;
+   out[n] = '\0';
+   *outlen = n;
+   return CRYPT_OK;
+}
+
 int main(int argc, char **argv)
 {
    unsigned long n;
@@ -110,6 +123,50 @@ int main(int argc, char **argv)
                                                        s_map_mode(ssh_ciphers[n].mode));
    }
 
+   printf("\nECC curves:\n\n");
+   for (n = 0; ltc_ecc_curves[n].OID != NULL; ++n) {
+      const char * const *names;
+      char lower[32] = {0}, buf[64] = {0};
+      unsigned long m, bufl = 0, lowerl;
+      int err = ecc_get_curve_names(ltc_ecc_curves[n].OID, &names);
+      if (err != CRYPT_OK) {
+         printf("\\error: OID %s not found (%s)\n", ltc_ecc_curves[n].OID, error_to_string(err));
+         return EXIT_FAILURE;
+      }
+      for (m = 1; names[m]; ++m) {
+         const char *name = names[m];
+         if (memcmp(name, "P-", 2) == 0 || memcmp(name, "ECC-", 4) == 0) {
+            /* Use the original name */
+         } else {
+            lowerl = sizeof(lower);
+            if ((err = s_to_lower(name, lower, &lowerl)) != CRYPT_OK) {
+               printf("\\error: %s could not be converted to lowercase (%s)\n", name, error_to_string(err));
+               return EXIT_FAILURE;
+            }
+            name = lower;
+         }
+         if (m == 1) {
+            err = snprintf(buf + bufl, sizeof(buf) - bufl, "%s", name);
+         } else {
+            err = snprintf(buf + bufl, sizeof(buf) - bufl, ", %s", name);
+         }
+         if (err == -1 || (unsigned)err > sizeof(buf) - bufl) {
+            printf("\\error: snprintf returned %d at %s\n", err, name);
+            return EXIT_FAILURE;
+         }
+         bufl += err;
+      }
+      lower[0] = '{';
+      lowerl = sizeof(lower) - 2;
+      if ((err = s_to_lower(names[0], &lower[1], &lowerl)) != CRYPT_OK) {
+         printf("\\error: %s could not be converted to lowercase (%s)\n", names[0], error_to_string(err));
+         return EXIT_FAILURE;
+      }
+      lower[lowerl + 1] = '}';
+      lower[lowerl + 2] = '\0';
+      printf("\\hline \\texttt%-17s & %-36s & %-21s \\\\\n", lower, buf, ltc_ecc_curves[n].OID);
+   }
+
    return 0;
 }
 #else
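Review bot: The truncation check after each `snprintf` into `buf` uses `>`, but `snprintf` already truncates when its return value equals the remaining space (one byte is needed for the NUL), so a name that exactly fills the buffer is silently cut short while `bufl` advances to `sizeof(buf)`; the line should read `if (err == -1 || (unsigned)err >= sizeof(buf) - bufl) {`. In `s_to_lower`, `tolower(in[n])` receives a plain `char`; with a signed `char` any byte above 0x7F is undefined for the `<ctype.h>` functions, so `out[n] = tolower((unsigned char)in[n]);` is the idiomatic form even though the curve names here are ASCII. `s_to_lower` also has no header comment; a line such as `/* Lowercase in into out; *outlen is the capacity on entry and the length on exit, CRYPT_BUFFER_OVERFLOW if in (plus NUL) does not fit */` would document the contract both call sites rely on. The body of `main()` between the two hunks is not shown here.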

+ 46 - 47
doc/crypt.tex

@@ -5331,42 +5331,42 @@ defined by own parameters (the only limitation is that the curve must be based o
 \begin{table}[H]
 \begin{center}
 \begin{tabular}{|l|l|l|l|}
-      \hline \textbf{Curve Name} & \textbf{Alternative Names}  & \textbf{OID}          \\
-      \hline secp112r1           &                             & 1.3.132.0.6           \\
-      \hline secp112r2           &                             & 1.3.132.0.7           \\
-      \hline secp128r1           &                             & 1.3.132.0.28          \\
-      \hline secp128r2           &                             & 1.3.132.0.29          \\
-      \hline secp160r1           &                             & 1.3.132.0.8           \\
-      \hline secp160r2           &                             & 1.3.132.0.30          \\
-      \hline secp160k1           &                             & 1.3.132.0.9           \\
-      \hline secp192r1           & nistp192, prime192v1, P-192 & 1.2.840.10045.3.1.1   \\
-      \hline prime192v2          &                             & 1.2.840.10045.3.1.2   \\
-      \hline prime192v3          &                             & 1.2.840.10045.3.1.3   \\
-      \hline secp192k1           &                             & 1.3.132.0.31          \\
-      \hline secp224r1           & nistp224, P-224             & 1.3.132.0.33          \\
-      \hline secp224k1           &                             & 1.3.132.0.32          \\
-      \hline secp256r1           & nistp256, prime256v1, P-256 & 1.2.840.10045.3.1.7   \\
-      \hline secp256k1           &                             & 1.3.132.0.10          \\
-      \hline secp384r1           & nistp384, P-384             & 1.3.132.0.34          \\
-      \hline secp521r1           & nistp521, P-521             & 1.3.132.0.35          \\
-      \hline prime239v1          &                             & 1.2.840.10045.3.1.4   \\
-      \hline prime239v2          &                             & 1.2.840.10045.3.1.5   \\
-      \hline prime239v3          &                             & 1.2.840.10045.3.1.6   \\
-      \hline brainpoolP160r1     &                             & 1.3.36.3.3.2.8.1.1.1  \\
-      \hline brainpoolP192r1     &                             & 1.3.36.3.3.2.8.1.1.3  \\
-      \hline brainpoolP224r1     &                             & 1.3.36.3.3.2.8.1.1.5  \\
-      \hline brainpoolP256r1     &                             & 1.3.36.3.3.2.8.1.1.7  \\
-      \hline brainpoolP320r1     &                             & 1.3.36.3.3.2.8.1.1.9  \\
-      \hline brainpoolP384r1     &                             & 1.3.36.3.3.2.8.1.1.11 \\
-      \hline brainpoolP512r1     &                             & 1.3.36.3.3.2.8.1.1.13 \\
-      \hline brainpoolP160t1     &                             & 1.3.36.3.3.2.8.1.1.2  \\
-      \hline brainpoolP192t1     &                             & 1.3.36.3.3.2.8.1.1.4  \\
-      \hline brainpoolP224t1     &                             & 1.3.36.3.3.2.8.1.1.6  \\
-      \hline brainpoolP256t1     &                             & 1.3.36.3.3.2.8.1.1.8  \\
-      \hline brainpoolP320t1     &                             & 1.3.36.3.3.2.8.1.1.10 \\
-      \hline brainpoolP384t1     &                             & 1.3.36.3.3.2.8.1.1.12 \\
-      \hline brainpoolP512t1     &                             & 1.3.36.3.3.2.8.1.1.14 \\
-      \hline
+\hline \textbf{Curve Name}      & \textbf{Alternative Names}           & \textbf{OID}          \\
+\hline \texttt{secp112r1}       & ECC-112                              & 1.3.132.0.6           \\
+\hline \texttt{secp112r2}       &                                      & 1.3.132.0.7           \\
+\hline \texttt{secp128r1}       & ECC-128                              & 1.3.132.0.28          \\
+\hline \texttt{secp128r2}       &                                      & 1.3.132.0.29          \\
+\hline \texttt{secp160r1}       & ECC-160                              & 1.3.132.0.8           \\
+\hline \texttt{secp160r2}       &                                      & 1.3.132.0.30          \\
+\hline \texttt{secp160k1}       &                                      & 1.3.132.0.9           \\
+\hline \texttt{secp192r1}       & nistp192, prime192v1, ECC-192, P-192 & 1.2.840.10045.3.1.1   \\
+\hline \texttt{prime192v2}      &                                      & 1.2.840.10045.3.1.2   \\
+\hline \texttt{prime192v3}      &                                      & 1.2.840.10045.3.1.3   \\
+\hline \texttt{secp192k1}       &                                      & 1.3.132.0.31          \\
+\hline \texttt{secp224r1}       & nistp224, ECC-224, P-224             & 1.3.132.0.33          \\
+\hline \texttt{secp224k1}       &                                      & 1.3.132.0.32          \\
+\hline \texttt{secp256r1}       & nistp256, prime256v1, ECC-256, P-256 & 1.2.840.10045.3.1.7   \\
+\hline \texttt{secp256k1}       &                                      & 1.3.132.0.10          \\
+\hline \texttt{secp384r1}       & nistp384, ECC-384, P-384             & 1.3.132.0.34          \\
+\hline \texttt{secp521r1}       & nistp521, ECC-521, P-521             & 1.3.132.0.35          \\
+\hline \texttt{prime239v1}      &                                      & 1.2.840.10045.3.1.4   \\
+\hline \texttt{prime239v2}      &                                      & 1.2.840.10045.3.1.5   \\
+\hline \texttt{prime239v3}      &                                      & 1.2.840.10045.3.1.6   \\
+\hline \texttt{brainpoolp160r1} &                                      & 1.3.36.3.3.2.8.1.1.1  \\
+\hline \texttt{brainpoolp192r1} &                                      & 1.3.36.3.3.2.8.1.1.3  \\
+\hline \texttt{brainpoolp224r1} &                                      & 1.3.36.3.3.2.8.1.1.5  \\
+\hline \texttt{brainpoolp256r1} &                                      & 1.3.36.3.3.2.8.1.1.7  \\
+\hline \texttt{brainpoolp320r1} &                                      & 1.3.36.3.3.2.8.1.1.9  \\
+\hline \texttt{brainpoolp384r1} &                                      & 1.3.36.3.3.2.8.1.1.11 \\
+\hline \texttt{brainpoolp512r1} &                                      & 1.3.36.3.3.2.8.1.1.13 \\
+\hline \texttt{brainpoolp160t1} &                                      & 1.3.36.3.3.2.8.1.1.2  \\
+\hline \texttt{brainpoolp192t1} &                                      & 1.3.36.3.3.2.8.1.1.4  \\
+\hline \texttt{brainpoolp224t1} &                                      & 1.3.36.3.3.2.8.1.1.6  \\
+\hline \texttt{brainpoolp256t1} &                                      & 1.3.36.3.3.2.8.1.1.8  \\
+\hline \texttt{brainpoolp320t1} &                                      & 1.3.36.3.3.2.8.1.1.10 \\
+\hline \texttt{brainpoolp384t1} &                                      & 1.3.36.3.3.2.8.1.1.12 \\
+\hline \texttt{brainpoolp512t1} &                                      & 1.3.36.3.3.2.8.1.1.14 \\
+\hline
 \end{tabular}
 \caption{Built--In Elliptic Curves over GF(p)}
 \end{center}
@@ -8726,6 +8726,7 @@ pthreads based mutex locking in various routines such as the Yarrow and Fortuna
 
 \chapter{Configuring and Building the Library}
 \mysection{Introduction}
+\index{math descriptor} \index{MPI provider}
 The library is fairly flexible about how it can be built, used, and generally distributed.  Additions are being made with
 each new release that will make the library even more flexible.  Each of the classes of functions can be disabled during
 the build process to make a smaller library.  This is particularly useful for shared libraries.
@@ -8738,6 +8739,13 @@ configured.  Note that LibTomCrypt can be built with no internal math descriptor
 build, or run time for the application.  LibTomCrypt comes with three math descriptors that provide a standard interface to math
 libraries.
 
+Clarification regarding the wording in this area: 'MPI provider' and 'math descriptor' can be used synonymous.
+Where the former usually means 'one of the entire set' and the latter means 'a specific'.
+E.g. 'One can enable multiple MPI providers at build time, but has to select one of those MPI providers at run time.',
+or 'The math descriptor for TomsFastMath is missing an implementation of \code{sqrtmod\_prime()}.'.
+
+Please check Ch. \ref{mp-init} for details on the selection of an MPI provider at build, resp. run time.
+
 \mysection{Makefile variables}
 
 All GNU driven makefiles (including the makefile for ICC) use a set of common variables to control the build and install process.  Most of the
@@ -9121,6 +9129,8 @@ When this has been defined the RSA modular exponentiation will do some sanity ch
 This is enabled by default and can be disabled by defining \textbf{LTC\_NO\_RSA\_CRT\_HARDENING}.
 
 \subsection{Math Descriptors}
+\index{math descriptor} \index{MPI provider}
+\label{mp-init}
 The library comes with three math descriptors that allow you to interface the public key cryptography API to freely available math
 libraries.  When \textbf{GMP\_DESC}, \textbf{LTM\_DESC}, or \textbf{TFM\_DESC} are defined
 descriptors for the respective library are built and included in the library as \textit{gmp\_desc}, \textit{ltm\_desc}, or \textit{tfm\_desc} respectively.
@@ -10359,17 +10369,6 @@ Since the function is given the entire RSA key (for private keys only) CRT is po
 
 \mysection{Deprecated API functions}
 
-\subsection{After v1.18.0}
-
-\index{init\_LTM()} \index{init\_TFM()} \index{init\_GMP()}
-\begin{verbatim}
-void init_LTM(void);
-void init_TFM(void);
-void init_GMP(void);
-\end{verbatim}
-
-These three MPI init functions have been introduced in version 1.18.0 and have been deprecated in the same version in favor of \textit{crypt\_mp\_init()}.
-
 \clearpage
 \addcontentsline{toc}{chapter}{Index}
 \printindex

+ 1 - 1
doc/makefile

@@ -29,7 +29,7 @@ docs crypt.pdf: crypt.tex
 	rm -f crypt.pdf $(LEFTOVERS)
 	cp crypt.tex crypt.bak
 	touch -r crypt.tex crypt.bak
-	(printf "%s" "\def\fixedpdfdate{"; date +'D:%Y%m%d%H%M%S%:z' -d @$$(stat --format=%Y crypt.tex) | sed "s/:\([0-9][0-9]\)$$/'\1'}/g") > crypt-deterministic.tex
+	(printf "%s" "\def\fixedpdfdate{"; date +'D:%Y%m%d%H%M%S%:z' -u -d @$${SOURCE_DATE_EPOCH:-$$(stat --format=%Y crypt.tex)} | sed "s/:\([0-9][0-9]\)$$/'\1'}/g") > crypt-deterministic.tex
 	printf "%s\n" "\pdfinfo{" >> crypt-deterministic.tex
 	printf "%s\n" "  /CreationDate (\fixedpdfdate)" >> crypt-deterministic.tex
 	printf "%s\n}\n" "  /ModDate (\fixedpdfdate)" >> crypt-deterministic.tex

+ 2 - 0
makefile.mingw

@@ -301,6 +301,8 @@ constants.exe: demos/constants.o $(LIBMAIN_S)
 	$(CC) demos/constants.o $(LIBMAIN_S) $(LTC_LDFLAGS) -o $@
 timing.exe: demos/timing.o $(LIBMAIN_S)
 	$(CC) demos/timing.o $(LIBMAIN_S) $(LTC_LDFLAGS) -o $@
+der_print_flexi.exe: demos/der_print_flexi.o $(LIBMAIN_S)
+	$(CC) demos/der_print_flexi.o $(LIBMAIN_S) $(LTC_LDFLAGS) -o $@
 
 #Tests
 test.exe: $(TOBJECTS) $(LIBMAIN_S)

+ 2 - 0
makefile.msvc

@@ -288,6 +288,8 @@ constants.exe: demos/constants.c $(LIBMAIN_S)
 	cl $(LTC_CFLAGS) demos/constants.c tests/common.c $(LIBMAIN_S) $(LTC_LDFLAGS) /Fe$@
 timing.exe: demos/timing.c $(LIBMAIN_S)
 	cl $(LTC_CFLAGS) demos/timing.c tests/common.c $(LIBMAIN_S) $(LTC_LDFLAGS) /Fe$@
+der_print_flexi.exe: demos/der_print_flexi.c $(LIBMAIN_S)
+	cl $(LTC_CFLAGS) demos/der_print_flexi.c tests/common.c $(LIBMAIN_S) $(LTC_LDFLAGS) /Fe$@
 
 #Tests
 test.exe: $(LIBMAIN_S) $(TOBJECTS)

+ 2 - 0
makefile.unix

@@ -312,6 +312,8 @@ constants: demos/constants.o $(LIBMAIN_S)
 	$(CC) demos/constants.o $(LIBMAIN_S) $(LTC_LDFLAGS) -o $@
 timing: demos/timing.o $(LIBMAIN_S)
 	$(CC) demos/timing.o $(LIBMAIN_S) $(LTC_LDFLAGS) -o $@
+der_print_flexi: demos/der_print_flexi.o $(LIBMAIN_S)
+	$(CC) demos/der_print_flexi.o $(LIBMAIN_S) $(LTC_LDFLAGS) -o $@
 
 #Tests
 test: $(TOBJECTS) $(LIBMAIN_S)

+ 7 - 1
makefile_include.mk

@@ -148,6 +148,12 @@ ifneq ($(GIT_VERSION),)
 LTC_CFLAGS += -DGIT_VERSION=\"$(GIT_VERSION)\"
 endif
 
+ifndef LTC_DEBUG
+ifeq ($(findstring -DARGTYPE,$(CFLAGS)),)
+LTC_CFLAGS += -DARGTYPE=4
+endif
+endif
+
 LTC_CFLAGS := $(LTC_CFLAGS) $(CFLAGS)
 
 ifneq ($(findstring -DLTC_PTHREAD,$(LTC_CFLAGS)),)
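Review bot: The new default only inspects `$(CFLAGS)` for an existing `-DARGTYPE`, so a value a user passes through `LTC_CFLAGS` rather than `CFLAGS` is not seen and `-DARGTYPE=4` is still appended; both definitions then land on the compiler command line and every translation unit warns about the redefinition. Testing the combined flags is a one-line change: `ifeq ($(findstring -DARGTYPE,$(LTC_CFLAGS) $(CFLAGS)),)`. The block also deserves a comment saying why non-debug builds get ARGTYPE 4, which as far as I recall turns `LTC_ARGCHK` into an early `return CRYPT_INVALID_ARG` instead of the default abort, so a caller that ignores return codes now continues with unset output buffers rather than crashing; something like `# Non-debug builds report bad arguments as CRYPT_INVALID_ARG instead of aborting; pass -DARGTYPE=… in CFLAGS to override` next to the guard would make that choice visible.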
@@ -174,7 +180,7 @@ TEST=test
 USEFUL_DEMOS   = hashsum
 
 # Demos that are usable but only rarely make sense to be installed
-USEABLE_DEMOS  = aesgcm constants crypt openssh-privkey openssl-enc pem-info sizes timing
+USEABLE_DEMOS  = aesgcm constants crypt der_print_flexi latex-tables openssh-privkey openssl-enc sizes timing
 
 # Demos that are used for testing or measuring
 TEST_DEMOS     = small tv_gen

+ 2477 - 4484
notes/hash_tv.txt


+ 2477 - 4484
notes/hmac_tv.txt


+ 5 - 1
src/ciphers/aes/aes_desc.c

@@ -83,13 +83,17 @@ static LTC_INLINE int s_aesni_is_supported(void)
 
    return is_supported;
 }
+#endif
 
 #ifndef ENCRYPT_ONLY
 int aesni_is_supported(void)
 {
+#ifdef LTC_AES_NI
    return s_aesni_is_supported();
-}
+#else
+   return 0;
 #endif
+}
 #endif
 
  /**
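Review bot: `aesni_is_supported` is now defined only under `#ifndef ENCRYPT_ONLY`, while the companion change in src/headers/tomcrypt_cipher.h declares it unconditionally inside the rijndael block, so an ENCRYPT_ONLY build ends up with a declaration and no definition and any caller fails at link time; if the probe is meant to be available whenever AES is, the `#ifndef ENCRYPT_ONLY` guard around it should go. The `#ifdef LTC_AES_NI` that the moved `#endif` closes starts outside the hunk, so I could not confirm that `s_aesni_is_supported` is the only thing it covers. The new stub branch would also read better with a one-line comment, `/* no AES-NI code compiled in: never report hardware support */`, so the bare `return 0;` is not mistaken for a placeholder.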

+ 3 - 2
src/ciphers/aes/aesni.c

@@ -29,7 +29,7 @@ const struct ltc_cipher_descriptor aesni_desc =
 #define temp_update(t, k) _mm_insert_epi32(t, k, 3)
 #define temp_invert(k) _mm_aesimc_si128(*((__m128i*)(k)))
 
-
+#define rcon aesni_rcon
 static const ulong32 rcon[] = {
     0x01UL, 0x02UL, 0x04UL, 0x08UL, 0x10UL, 0x20UL, 0x40UL, 0x80UL, 0x1BUL, 0x36UL
 };
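Review bot: The `#define rcon aesni_rcon` placed in front of the table (with the matching `#undef` at the end of the file) gives no hint why a file-local `static const` array needs another name; presumably it avoids a clash with the `rcon` table of the portable AES implementation when both are compiled into one translation unit, but a reader cannot tell and the macro also renames any other `rcon` token that appears between the two directives. Either rename the array directly, `static const ulong32 aesni_rcon[] = {` plus its uses, or keep the macro and state the reason once it is confirmed, e.g. `/* renamed so this table cannot collide with the portable AES rcon[] in single-TU builds */`.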
@@ -147,7 +147,6 @@ int aesni_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_
    for (i = 1; i < skey->rijndael.Nr; i++) {
       rrk -= 4;
       rk += 4;
-      temp = temp_invert(rk);
       *((__m128i*) rk) = temp_invert(rrk);
    }
 
@@ -370,5 +369,7 @@ int aesni_keysize(int *keysize)
    return CRYPT_OK;
 }
 
+#undef rcon
+
 #endif
 

+ 4 - 4
src/headers/tomcrypt_argchk.h

@@ -11,23 +11,19 @@
 
 LTC_NORETURN void crypt_argchk(const char *v, const char *s, int d);
 #define LTC_ARGCHK(x) do { if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } }while(0)
-#define LTC_ARGCHKVD(x) do { if (!(x)) { crypt_argchk(#x, __FILE__, __LINE__); } }while(0)
 
 #elif ARGTYPE == 1
 
 /* fatal type of error */
 #define LTC_ARGCHK(x) assert((x))
-#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
 
 #elif ARGTYPE == 2
 
 #define LTC_ARGCHK(x) if (!(x)) { fprintf(stderr, "\nwarning: ARGCHK failed at %s:%d\n", __FILE__, __LINE__); }
-#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
 
 #elif ARGTYPE == 3
 
 #define LTC_ARGCHK(x) LTC_UNUSED_PARAM(x)
-#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
 
 #elif ARGTYPE == 4
 
@@ -36,3 +32,7 @@ LTC_NORETURN void crypt_argchk(const char *v, const char *s, int d);
 
 #endif
 
+#if defined(LTC_ARGCHK) && !defined(LTC_ARGCHKVD)
+#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)
+#endif
+
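Review bot: The new fallback `#define LTC_ARGCHKVD(x) LTC_ARGCHK(x)` is only valid for ARGTYPE values whose `LTC_ARGCHK` is a statement usable inside a void function; for ARGTYPE 4, which as far as I recall expands to an early `return CRYPT_INVALID_ARG`, it would not compile, so the fallback silently relies on the ARGTYPE 4 branch (its body is outside this hunk) defining `LTC_ARGCHKVD` itself. A comment stating that contract keeps the next ARGTYPE addition honest, e.g. `/* ARGTYPE variants whose LTC_ARGCHK returns a value must define LTC_ARGCHKVD themselves */`. If the `#if`/`#elif` chain above has no `#else`, an unknown ARGTYPE now leaves both macros undefined without any diagnostic; an `#else` with `#error "unsupported ARGTYPE"` would surface that at configuration time instead of as unrelated compile errors.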

+ 22 - 6
src/headers/tomcrypt_cfg.h

@@ -244,7 +244,10 @@ typedef unsigned long ltc_mp_digit;
    #undef ENDIAN_32BITWORD
    #undef ENDIAN_64BITWORD
    #undef LTC_FAST
+   #define LTC_NO_AES_NI
    #define LTC_NO_BSWAP
+   #define LTC_NO_CLZL
+   #define LTC_NO_CTZL
    #define LTC_NO_ROLC
    #define LTC_NO_ROTATE
 #endif
@@ -295,14 +298,18 @@ typedef unsigned long ltc_mp_digit;
    #define LTC_HAVE_ROTATE_BUILTIN
 #endif
 
-#if __has_builtin(__builtin_clzl)
+#if !defined(LTC_NO_CLZL) && __has_builtin(__builtin_clzl)
    #define LTC_HAVE_CLZL_BUILTIN
 #endif
 
-#if __has_builtin(__builtin_ctzl)
+#if !defined(LTC_NO_CTZL) && __has_builtin(__builtin_ctzl)
    #define LTC_HAVE_CTZL_BUILTIN
 #endif
 
+#if !defined(LTC_NO_AES_NI) && (defined(__x86_64__) || defined(_M_X64))
+#define LTC_AES_NI
+#endif
+
 #if defined(__GNUC__)
    #define LTC_ALIGN(n) __attribute__((aligned(n)))
 #else
@@ -329,21 +336,30 @@ typedef unsigned long ltc_mp_digit;
 #   define LTC_NULL_TERMINATED
 #endif
 
+#ifndef LTC_DEPRECATED
 #if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405)
 #  define LTC_DEPRECATED(s) __attribute__((deprecated("replaced by " #s)))
-#  define PRIVATE_LTC_DEPRECATED_PRAGMA(s) _Pragma(#s)
-#  define LTC_DEPRECATED_PRAGMA(s) PRIVATE_LTC_DEPRECATED_PRAGMA(GCC warning s)
 #elif defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 301)
 #  define LTC_DEPRECATED(s) __attribute__((deprecated))
-#  define LTC_DEPRECATED_PRAGMA(s)
 #elif defined(_MSC_VER) && _MSC_VER >= 1500
    /* supported since Visual Studio 2008 */
 #  define LTC_DEPRECATED(s) __declspec(deprecated("replaced by " #s))
-#  define LTC_DEPRECATED_PRAGMA(s) __pragma(message(s))
 #else
 #  define LTC_DEPRECATED(s)
+#endif
+#endif
+
+#ifndef LTC_DEPRECATED_PRAGMA
+#if defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405)
+#  define PRIVATE_LTC_DEPRECATED_PRAGMA(s) _Pragma(#s)
+#  define LTC_DEPRECATED_PRAGMA(s) PRIVATE_LTC_DEPRECATED_PRAGMA(GCC warning s)
+#elif defined(_MSC_VER) && _MSC_VER >= 1500
+   /* supported since Visual Studio 2008 */
+#  define LTC_DEPRECATED_PRAGMA(s) __pragma(message(s))
+#else
 #  define LTC_DEPRECATED_PRAGMA(s)
 #endif
+#endif
 
 #if defined(__GNUC__) || defined(__clang__)
 #  define LTC_ATTRIBUTE(x) __attribute__(x)
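Review bot: Both rewritten blocks keep the `defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 405)` test, which clang never satisfies because it reports itself as GCC 4.2 (402), so under clang `LTC_DEPRECATED` drops to the message-less attribute and `LTC_DEPRECATED_PRAGMA` becomes empty even though clang supports both `__attribute__((deprecated("…")))` and `_Pragma("GCC warning …")`. Adding `|| defined(__clang__)` to the first condition of each block would fix that and is consistent with the `#if defined(__GNUC__) || defined(__clang__)` right below. Separately, the new automatic `LTC_AES_NI` in the second hunk keys only on `__x86_64__`/`_M_X64`; a short comment noting that `LTC_NO_AES_NI` (or `LTC_NO_ASM`) is the opt-out for toolchains without the intrinsics would save the next person a search.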

+ 2 - 1
src/headers/tomcrypt_cipher.h

@@ -711,10 +711,11 @@ void rijndael_enc_done(symmetric_key *skey);
 int rijndael_enc_keysize(int *keysize);
 extern const struct ltc_cipher_descriptor rijndael_desc;
 extern const struct ltc_cipher_descriptor rijndael_enc_desc;
+
+int aesni_is_supported(void);
 #endif
 
 #if defined(LTC_AES_NI)
-int aesni_is_supported(void);
 int aesni_setup(const unsigned char *key, int keylen, int num_rounds, symmetric_key *skey);
 int aesni_ecb_encrypt(const unsigned char *pt, unsigned char *ct, const symmetric_key *skey);
 int aesni_ecb_decrypt(const unsigned char *ct, unsigned char *pt, const symmetric_key *skey);

+ 2 - 0
src/headers/tomcrypt_custom.h

@@ -91,6 +91,8 @@
    #define LTC_SHA1
    #define LTC_SHA3
    #define LTC_SHA512
+   #define LTC_SHA512_256
+   #define LTC_SHA512_224
    #define LTC_SHA384
    #define LTC_SHA256
    #define LTC_SHA224

+ 10 - 10
src/headers/tomcrypt_macros.h

@@ -59,8 +59,8 @@ do { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \
 #ifdef LTC_HAVE_BSWAP_BUILTIN
 
 #define STORE32H(x, y)                          \
-do { ulong32 ttt = __builtin_bswap32 ((x));     \
-      XMEMCPY ((y), &ttt, 4); } while(0)
+do { ulong32 LTC_TMPVAR(ttt) = __builtin_bswap32 ((x));     \
+      XMEMCPY ((y), &LTC_TMPVAR(ttt), 4); } while(0)
 
 #define LOAD32H(x, y)                           \
 do { XMEMCPY (&(x), (y), 4);                    \
@@ -98,8 +98,8 @@ __asm__ volatile (             \
 #ifdef LTC_HAVE_BSWAP_BUILTIN
 
 #define STORE64H(x, y)                          \
-do { ulong64 ttt = __builtin_bswap64 ((x));     \
-      XMEMCPY ((y), &ttt, 8); } while(0)
+do { ulong64 LTC_TMPVAR(ttt) = __builtin_bswap64 ((x));     \
+      XMEMCPY ((y), &LTC_TMPVAR(ttt), 8); } while(0)
 
 #define LOAD64H(x, y)                           \
 do { XMEMCPY (&(x), (y), 8);                    \
@@ -140,7 +140,7 @@ do { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \
 #ifdef ENDIAN_32BITWORD
 
 #define STORE32L(x, y)        \
-  do { ulong32  ttt = (x); XMEMCPY(y, &ttt, 4); } while(0)
+  do { ulong32  LTC_TMPVAR(ttt) = (x); XMEMCPY(y, &LTC_TMPVAR(ttt), 4); } while(0)
 
 #define LOAD32L(x, y)         \
   do { XMEMCPY(&(x), y, 4); } while(0)
@@ -160,13 +160,13 @@ do { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \
 #else /* 64-bit words then  */
 
 #define STORE32L(x, y)        \
-  do { ulong32 ttt = (x); XMEMCPY(y, &ttt, 4); } while(0)
+  do { ulong32 LTC_TMPVAR(ttt) = (x); XMEMCPY(y, &LTC_TMPVAR(ttt), 4); } while(0)
 
 #define LOAD32L(x, y)         \
   do { XMEMCPY(&(x), y, 4); x &= 0xFFFFFFFF; } while(0)
 
 #define STORE64L(x, y)        \
-  do { ulong64 ttt = (x); XMEMCPY(y, &ttt, 8); } while(0)
+  do { ulong64 LTC_TMPVAR(ttt) = (x); XMEMCPY(y, &LTC_TMPVAR(ttt), 8); } while(0)
 
 #define LOAD64L(x, y)         \
   do { XMEMCPY(&(x), y, 8); } while(0)
@@ -200,7 +200,7 @@ do { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48) | \
 #ifdef ENDIAN_32BITWORD
 
 #define STORE32H(x, y)        \
-  do { ulong32 ttt = (x); XMEMCPY(y, &ttt, 4); } while(0)
+  do { ulong32 LTC_TMPVAR(ttt) = (x); XMEMCPY(y, &LTC_TMPVAR(ttt), 4); } while(0)
 
 #define LOAD32H(x, y)         \
   do { XMEMCPY(&(x), y, 4); } while(0)
@@ -220,13 +220,13 @@ do { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48) | \
 #else /* 64-bit words then  */
 
 #define STORE32H(x, y)        \
-  do { ulong32 ttt = (x); XMEMCPY(y, &ttt, 4); } while(0)
+  do { ulong32 LTC_TMPVAR(ttt) = (x); XMEMCPY(y, &LTC_TMPVAR(ttt), 4); } while(0)
 
 #define LOAD32H(x, y)         \
   do { XMEMCPY(&(x), y, 4); x &= 0xFFFFFFFF; } while(0)
 
 #define STORE64H(x, y)        \
-  do { ulong64 ttt = (x); XMEMCPY(y, &ttt, 8); } while(0)
+  do { ulong64 LTC_TMPVAR(ttt) = (x); XMEMCPY(y, &LTC_TMPVAR(ttt), 8); } while(0)
 
 #define LOAD64H(x, y)         \
   do { XMEMCPY(&(x), y, 8); } while(0)

+ 0 - 9
src/headers/tomcrypt_misc.h

@@ -102,15 +102,6 @@ int crypt_list_all_constants(char *names_list, unsigned int *names_list_size);
 int crypt_get_size(const char* namein, unsigned int *sizeout);
 int crypt_list_all_sizes(char *names_list, unsigned int *names_list_size);
 
-#ifdef LTM_DESC
-LTC_DEPRECATED(crypt_mp_init) void init_LTM(void);
-#endif
-#ifdef TFM_DESC
-LTC_DEPRECATED(crypt_mp_init) void init_TFM(void);
-#endif
-#ifdef GMP_DESC
-LTC_DEPRECATED(crypt_mp_init) void init_GMP(void);
-#endif
 int crypt_mp_init(const char* mpi);
 
 #ifdef LTC_ADLER32

+ 2 - 1
src/headers/tomcrypt_pk.h

@@ -723,9 +723,10 @@ typedef struct ltc_asn1_list_ {
 #define LTC_SET_ASN1_CUSTOM_PRIMITIVE(list, index, Class, Tag, Type, Data, Size)          \
    do {                                                                                   \
       int LTC_TMPVAR(SACP) = (index);                                                     \
+      ltc_asn1_list *LTC_TMPVAR(SACP_list) = (list);                        \
       LTC_SET_ASN1(list, LTC_TMPVAR(SACP), LTC_ASN1_CUSTOM_TYPE, Data, Size);             \
       LTC_SET_ASN1_IDENTIFIER(list, LTC_TMPVAR(SACP), Class, LTC_ASN1_PC_PRIMITIVE, Tag); \
-      list[LTC_TMPVAR(SACP)].used = (int)(Type);                                          \
+      LTC_TMPVAR(SACP_list)[LTC_TMPVAR(SACP)].used = (int)(Type);                                          \
    } while (0)
 
 extern const char*          der_asn1_class_to_string_map[];
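Review bot: The macro now captures `(list)` into `LTC_TMPVAR(SACP_list)` but the two lines in between still pass the raw `list` argument to `LTC_SET_ASN1` and `LTC_SET_ASN1_IDENTIFIER`, so an argument with side effects is still evaluated three times and the temporary only covers the `.used` store; using the temporary everywhere would complete the change: `LTC_SET_ASN1(LTC_TMPVAR(SACP_list), LTC_TMPVAR(SACP), LTC_ASN1_CUSTOM_TYPE, Data, Size);` and `LTC_SET_ASN1_IDENTIFIER(LTC_TMPVAR(SACP_list), LTC_TMPVAR(SACP), Class, LTC_ASN1_PC_PRIMITIVE, Tag);`, assuming those macros accept a pointer expression rather than an array name. The two added lines also break the column alignment of the continuation backslashes used by the rest of the macro, which is easy to tidy while touching it.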

+ 1 - 0
src/headers/tomcrypt_private.h

@@ -433,6 +433,7 @@ int dh_import_pkcs8_asn1(ltc_asn1_list *alg_id, ltc_asn1_list *priv_key, dh_key
 int ecc_set_curve_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key);
 int ecc_copy_curve(const ecc_key *srckey, ecc_key *key);
 int ecc_set_curve_by_size(int size, ecc_key *key);
+int ecc_get_curve_names(const char *oid, const char * const **names);
 int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long inlen, ecc_key *key);
 #ifdef LTC_DER
 int ecc_import_pkcs8_asn1(ltc_asn1_list *alg_id, ltc_asn1_list *priv_key, ecc_key *key);

+ 2 - 1
src/mac/hmac/hmac_memory_multi.c

@@ -18,7 +18,8 @@
    @param outlen    [in/out] Max size and resulting size of authentication tag
    @param in        The data to HMAC
    @param inlen     The length of the data to HMAC (octets)
-   @param ...       tuples of (data,len) pairs to HMAC, terminated with a (NULL,x) (x=don't care)
+   @param ...       tuples of (data,len) pairs of type (unsigned char*,unsigned long) to HMAC,
+                     terminated with a (NULL,x) (x=don't care)
    @return CRYPT_OK if successful
 */
 int hmac_memory_multi(int hash,

+ 2 - 1
src/misc/crypt/crypt_find_hash_any.c

@@ -12,7 +12,8 @@
    @param name        The name of the hash desired
    @param digestlen   The minimum length of the digest size (octets)
    @return >= 0 if found, -1 if not present
-*/int find_hash_any(const char *name, int digestlen)
+*/
+int find_hash_any(const char *name, int digestlen)
 {
    int x, y, z;
    LTC_ARGCHK(name != NULL);

+ 0 - 22
src/misc/crypt/crypt_inits.c

@@ -9,28 +9,6 @@
   like Python - Larry Bugbee, February 2013
 */
 
-
-#ifdef LTM_DESC
-void init_LTM(void)
-{
-    ltc_mp = ltm_desc;
-}
-#endif
-
-#ifdef TFM_DESC
-void init_TFM(void)
-{
-    ltc_mp = tfm_desc;
-}
-#endif
-
-#ifdef GMP_DESC
-void init_GMP(void)
-{
-    ltc_mp = gmp_desc;
-}
-#endif
-
 int crypt_mp_init(const char* mpi)
 {
    if (mpi == NULL) return CRYPT_ERROR;

+ 35 - 35
src/misc/crypt/crypt_register_all_hashes.c

@@ -15,45 +15,47 @@
 
 int register_all_hashes(void)
 {
-#ifdef LTC_TIGER
-   REGISTER_HASH(&tiger_desc);
-   REGISTER_HASH(&tiger2_desc);
+#ifdef LTC_SHA512
+   REGISTER_HASH(&sha512_desc);
 #endif
-#ifdef LTC_MD2
-   REGISTER_HASH(&md2_desc);
+#ifdef LTC_SHA256
+   REGISTER_HASH(&sha256_desc);
 #endif
-#ifdef LTC_MD4
-   REGISTER_HASH(&md4_desc);
+#ifdef LTC_SHA3
+   REGISTER_HASH(&sha3_512_desc);
+   REGISTER_HASH(&sha3_384_desc);
+   REGISTER_HASH(&sha3_256_desc);
+   REGISTER_HASH(&sha3_224_desc);
 #endif
-#ifdef LTC_MD5
-   REGISTER_HASH(&md5_desc);
+#ifdef LTC_SHA512_256
+   REGISTER_HASH(&sha512_256_desc);
 #endif
-#ifdef LTC_SHA1
-   REGISTER_HASH(&sha1_desc);
+#ifdef LTC_SHA512_224
+   REGISTER_HASH(&sha512_224_desc);
 #endif
 #ifdef LTC_SHA224
    REGISTER_HASH(&sha224_desc);
 #endif
-#ifdef LTC_SHA256
-   REGISTER_HASH(&sha256_desc);
-#endif
 #ifdef LTC_SHA384
    REGISTER_HASH(&sha384_desc);
 #endif
-#ifdef LTC_SHA512
-   REGISTER_HASH(&sha512_desc);
+#ifdef LTC_SHA1
+   REGISTER_HASH(&sha1_desc);
 #endif
-#ifdef LTC_SHA512_224
-   REGISTER_HASH(&sha512_224_desc);
+#ifdef LTC_MD5
+   REGISTER_HASH(&md5_desc);
 #endif
-#ifdef LTC_SHA512_256
-   REGISTER_HASH(&sha512_256_desc);
+#ifdef LTC_BLAKE2S
+   REGISTER_HASH(&blake2s_128_desc);
+   REGISTER_HASH(&blake2s_160_desc);
+   REGISTER_HASH(&blake2s_224_desc);
+   REGISTER_HASH(&blake2s_256_desc);
 #endif
-#ifdef LTC_SHA3
-   REGISTER_HASH(&sha3_224_desc);
-   REGISTER_HASH(&sha3_256_desc);
-   REGISTER_HASH(&sha3_384_desc);
-   REGISTER_HASH(&sha3_512_desc);
+#ifdef LTC_BLAKE2S
+   REGISTER_HASH(&blake2b_160_desc);
+   REGISTER_HASH(&blake2b_256_desc);
+   REGISTER_HASH(&blake2b_384_desc);
+   REGISTER_HASH(&blake2b_512_desc);
 #endif
 #ifdef LTC_KECCAK
    REGISTER_HASH(&keccak_224_desc);
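Review bot: The second `#ifdef LTC_BLAKE2S`, the one guarding `blake2b_160_desc` through `blake2b_512_desc`, looks like a copy-paste slip that the reorder carried over: the BLAKE2b descriptors are gated by the BLAKE2s switch, so a build with LTC_BLAKE2B but without LTC_BLAKE2S never registers them, and the reverse configuration fails to compile on the undeclared `blake2b_*_desc` symbols. That guard should read `#ifdef LTC_BLAKE2B`. The new registration order (SHA-2 and SHA-3 first, MD2/MD4 last) determines table positions and presumably which entry lookups by digest size find first, so a one-line comment at the top of the function, e.g. `/* registration order matters: preferred hashes first, legacy ones last */`, would keep the next reorder from undoing it.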
@@ -76,17 +78,15 @@ int register_all_hashes(void)
 #ifdef LTC_WHIRLPOOL
    REGISTER_HASH(&whirlpool_desc);
 #endif
-#ifdef LTC_BLAKE2S
-   REGISTER_HASH(&blake2s_128_desc);
-   REGISTER_HASH(&blake2s_160_desc);
-   REGISTER_HASH(&blake2s_224_desc);
-   REGISTER_HASH(&blake2s_256_desc);
+#ifdef LTC_TIGER
+   REGISTER_HASH(&tiger_desc);
+   REGISTER_HASH(&tiger2_desc);
 #endif
-#ifdef LTC_BLAKE2S
-   REGISTER_HASH(&blake2b_160_desc);
-   REGISTER_HASH(&blake2b_256_desc);
-   REGISTER_HASH(&blake2b_384_desc);
-   REGISTER_HASH(&blake2b_512_desc);
+#ifdef LTC_MD2
+   REGISTER_HASH(&md2_desc);
+#endif
+#ifdef LTC_MD4
+   REGISTER_HASH(&md4_desc);
 #endif
 #ifdef LTC_CHC_HASH
    {

+ 10 - 8
src/misc/crypt/crypt_register_cipher.c

@@ -14,10 +14,13 @@
 */
 int register_cipher(const struct ltc_cipher_descriptor *cipher)
 {
-   int x;
+   int x, blank = -1;
 
    LTC_ARGCHK(cipher != NULL);
 
+   if (cipher->name == NULL)
+      return -1;
+
    /* is it already registered? */
    LTC_MUTEX_LOCK(&ltc_cipher_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
@@ -25,18 +28,17 @@ int register_cipher(const struct ltc_cipher_descriptor *cipher)
           LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
           return x;
        }
+       if (cipher_descriptor[x].name == NULL && blank == -1) {
+          blank = x;
+       }
    }
 
    /* find a blank spot */
-   for (x = 0; x < TAB_SIZE; x++) {
-       if (cipher_descriptor[x].name == NULL) {
-          XMEMCPY(&cipher_descriptor[x], cipher, sizeof(struct ltc_cipher_descriptor));
-          LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
-          return x;
-       }
+   if (blank != -1) {
+       XMEMCPY(&cipher_descriptor[blank], cipher, sizeof(struct ltc_cipher_descriptor));
    }
 
    /* no spot */
    LTC_MUTEX_UNLOCK(&ltc_cipher_mutex);
-   return -1;
+   return blank;
 }
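Review bot: The comments around the new single-pass logic are stale: `/* find a blank spot */` now sits above code that merely fills the slot the loop already found, and `/* no spot */` precedes an unconditional unlock that is also the success path; the same applies to src/misc/crypt/crypt_register_prng.c, whereas crypt_register_hash.c already says `/* fill in blank spot */`. I would make all three read `/* fill in the first blank spot found above, if any */` and `/* done: blank is the slot used, or -1 if the table is full */`. The new early `if (cipher->name == NULL) return -1;` is also not reflected in the function's doc comment, whose `@return` text is above the hunk; a descriptor without a name is now reported the same way as a full table, which is worth stating there.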

+ 11 - 9
src/misc/crypt/crypt_register_hash.c

@@ -14,10 +14,13 @@
 */
 int register_hash(const struct ltc_hash_descriptor *hash)
 {
-   int x;
+   int x, blank = -1;
 
    LTC_ARGCHK(hash != NULL);
 
+   if (hash->name == NULL)
+      return -1;
+
    /* is it already registered? */
    LTC_MUTEX_LOCK(&ltc_hash_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
@@ -25,18 +28,17 @@ int register_hash(const struct ltc_hash_descriptor *hash)
           LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
           return x;
        }
+       if (hash_descriptor[x].name == NULL && blank == -1) {
+          blank = x;
+       }
    }
 
-   /* find a blank spot */
-   for (x = 0; x < TAB_SIZE; x++) {
-       if (hash_descriptor[x].name == NULL) {
-          XMEMCPY(&hash_descriptor[x], hash, sizeof(struct ltc_hash_descriptor));
-          LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
-          return x;
-       }
+   /* fill in blank spot */
+   if (blank != -1) {
+       XMEMCPY(&hash_descriptor[blank], hash, sizeof(struct ltc_hash_descriptor));
    }
 
    /* no spot */
    LTC_MUTEX_UNLOCK(&ltc_hash_mutex);
-   return -1;
+   return blank;
 }

+ 10 - 8
src/misc/crypt/crypt_register_prng.c

@@ -14,10 +14,13 @@
 */
 int register_prng(const struct ltc_prng_descriptor *prng)
 {
-   int x;
+   int x, blank = -1;
 
    LTC_ARGCHK(prng != NULL);
 
+   if (prng->name == NULL)
+      return -1;
+
    /* is it already registered? */
    LTC_MUTEX_LOCK(&ltc_prng_mutex);
    for (x = 0; x < TAB_SIZE; x++) {
@@ -25,18 +28,17 @@ int register_prng(const struct ltc_prng_descriptor *prng)
           LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
           return x;
        }
+       if (prng_descriptor[x].name == NULL && blank == -1) {
+          blank = x;
+       }
    }
 
    /* find a blank spot */
-   for (x = 0; x < TAB_SIZE; x++) {
-       if (prng_descriptor[x].name == NULL) {
-          XMEMCPY(&prng_descriptor[x], prng, sizeof(struct ltc_prng_descriptor));
-          LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
-          return x;
-       }
+   if (blank != -1) {
+       XMEMCPY(&prng_descriptor[blank], prng, sizeof(struct ltc_prng_descriptor));
    }
 
    /* no spot */
    LTC_MUTEX_UNLOCK(&ltc_prng_mutex);
-   return -1;
+   return blank;
 }

+ 4 - 0
src/misc/pbes/pbes2.c

@@ -20,6 +20,10 @@ static const oid_id_st s_hmac_oid_names[] = {
    { "1.2.840.113549.2.11", "sha512" },
    { "1.2.840.113549.2.12", "sha512-224" },
    { "1.2.840.113549.2.13", "sha512-256" },
+   { "2.16.840.1.101.3.4.2.13", "sha3-224" },
+   { "2.16.840.1.101.3.4.2.14", "sha3-256" },
+   { "2.16.840.1.101.3.4.2.15", "sha3-384" },
+   { "2.16.840.1.101.3.4.2.16", "sha3-512" },
 };
 
 static int s_pkcs_5_alg2_wrap(const struct password *pwd,

+ 1 - 1
src/misc/pem/pem_ssh.c

@@ -28,7 +28,7 @@ const struct blockcipher_info ssh_ciphers[] =
    { .name = "[email protected]",        .algo = "aes",      .keylen = 256 / 8, .mode = cm_gcm                 },
    { .name = "blowfish128-cbc",               .algo = "blowfish", .keylen = 128 / 8, .mode = cm_cbc                 },
    { .name = "blowfish128-ctr",               .algo = "blowfish", .keylen = 128 / 8, .mode = cm_ctr                 },
-   /* The algo name doesn't matter, it's only used in pem-info */
+   /* The algo name doesn't matter, it's only used in latex-tables */
    { .name = "[email protected]", .algo = "c20p1305", .keylen = 256 / 8, .mode = cm_stream | cm_openssh },
    { .name = "des-cbc",                       .algo = "des",      .keylen = 64 / 8,  .mode = cm_cbc                 },
    { .name = "3des-cbc",                      .algo = "3des",     .keylen = 192 / 8, .mode = cm_cbc                 },

+ 2 - 2
src/pk/asn1/der/bit/der_decode_bit_string.c

@@ -28,8 +28,8 @@ int der_decode_bit_string(const unsigned char *in,  unsigned long inlen,
    LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
 
-   /* packet must be at least 4 bytes */
-   if (inlen < 4) {
+   /* packet must be at least 3 bytes */
+   if (inlen < 3) {
        return CRYPT_INVALID_ARG;
    }
 
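Review bot: Lowering the minimum to 3 admits the empty BIT STRING `03 01 00`, so the header parsing that follows (outside the hunk) must now cope with a content length of 1 and zero payload bytes; any read of `in[3]` or a `len - 1` computed before checking `len >= 1` would be out of bounds where the old `inlen < 4` test used to cut it off. Please add the 3-byte empty bit string as a test vector for both this function and `der_decode_raw_bit_string` (the identical change in src/pk/asn1/der/bit/der_decode_raw_bit_string.c), and make the comment say what the three bytes are: `/* packet must be at least 3 bytes: tag, length, unused-bits count */`.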

+ 2 - 2
src/pk/asn1/der/bit/der_decode_raw_bit_string.c

@@ -31,8 +31,8 @@ int der_decode_raw_bit_string(const unsigned char *in,  unsigned long inlen,
    LTC_ARGCHK(out    != NULL);
    LTC_ARGCHK(outlen != NULL);
 
-   /* packet must be at least 4 bytes */
-   if (inlen < 4) {
+   /* packet must be at least 3 bytes */
+   if (inlen < 3) {
        return CRYPT_INVALID_ARG;
    }
 

+ 2 - 0
src/pk/asn1/x509/x509_decode_subject_public_key_info.c

@@ -75,6 +75,8 @@ int x509_decode_subject_public_key_info(const unsigned char *in, unsigned long i
       alg_id_num = 1;
    } else {
       LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, *_parameters_len);
+      if (parameters_type == LTC_ASN1_NULL)
+         alg_id[1].optional = 1;
       alg_id_num = 2;
    }
 
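Review bot: The new `optional = 1` on the NULL parameters entry has no comment explaining why an explicit NULL is allowed to be absent, and since this relaxes what a SubjectPublicKeyInfo may look like a reader should not have to guess; suggest `/* some encoders omit an algorithm's NULL parameters entirely instead of encoding an explicit NULL; accept both forms */`. Per the file's style (see the braced `else` around it) the single-statement `if` should also be braced: `if (parameters_type == LTC_ASN1_NULL) { alg_id[1].optional = 1; }`. The enclosing function continues outside the hunk.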

+ 4 - 0
src/pk/ec25519/tweetnacl.c

@@ -312,6 +312,7 @@ int tweetnacl_crypto_sk_to_pk(u8 *pk, const u8 *sk)
 {
   u8 d[64];
   gf p[4];
+  if (find_hash("sha512") == -1) return CRYPT_INVALID_HASH;
   tweetnacl_crypto_hash(d, sk, 32);
   d[0] &= 248;
   d[31] &= 127;
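Review bot: The added `find_hash("sha512")` probe guards against one failure mode, but the visible calls `tweetnacl_crypto_hash(d, sk, 32);` in this and the second hunk still discard the hash function's return value; if that function can report an error (which the need for this probe suggests), any other failure leaves `d` uninitialised and the clamped secret scalar is derived from garbage. Checking the result at the call site covers the missing-hash case and every other one, e.g. `if ((err = tweetnacl_crypto_hash(d, sk, 32)) != CRYPT_OK) return err;` using the function's existing error variable or a new one, after which the probes here, in the third hunk, and in src/pk/ed25519/ed25519_sign.c and ed25519_verify.c become redundant (the ed25519 ones run in addition to these, so the registry is scanned twice per operation). The enclosing functions start and end outside the hunks.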
@@ -387,6 +388,8 @@ int tweetnacl_crypto_sign(u8 *sm,u64 *smlen,const u8 *m,u64 mlen,const u8 *sk,co
   i64 i,j,x[64];
   gf p[4];
 
+  if (find_hash("sha512") == -1) return CRYPT_INVALID_HASH;
+
   tweetnacl_crypto_hash(d, sk, 32);
   d[0] &= 248;
   d[31] &= 127;
@@ -456,6 +459,7 @@ int tweetnacl_crypto_sign_open(int *stat, u8 *m,u64 *mlen,const u8 *sm,u64 smlen
   gf p[4],q[4];
 
   *stat = 0;
+  if (find_hash("sha512") == -1) return CRYPT_INVALID_HASH;
   if (*mlen < smlen) return CRYPT_BUFFER_OVERFLOW;
   *mlen = -1;
   if (smlen < 64) return CRYPT_INVALID_ARG;

+ 16 - 0
src/pk/ecc/ecc_find_curve.c

@@ -206,6 +206,22 @@ static int s_name_match(const char *left, const char *right)
    return 0;
 }
 
+int ecc_get_curve_names(const char *oid, const char * const **names)
+{
+   unsigned long i;
+
+   LTC_ARGCHK(oid   != NULL);
+   LTC_ARGCHK(names != NULL);
+
+   for (i = 0; s_curve_names[i].OID != NULL; ++i) {
+      if (XSTRCMP(s_curve_names[i].OID, oid) == 0) {
+         *names = s_curve_names[i].names;
+         return CRYPT_OK;
+      }
+   }
+   return CRYPT_INVALID_ARG; /* not found */
+}
+
 int ecc_find_curve(const char *name_or_oid, const ltc_ecc_curve **cu)
 {
    int i, j;
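Review bot: `ecc_get_curve_names` is a new non-static function with no doc comment, while its neighbours in this file carry Doxygen headers; callers in particular need to know that `*names` points into a static table owned by the library, must not be freed, and stays valid for the program's lifetime, and that the OID must match the table entry byte for byte (no normalisation is done). A header along the lines of `@param oid The dotted-decimal OID of the curve`, `@param names [out] Pointer to the library's NULL-terminated list of aliases for that curve (static storage, do not free)`, `@return CRYPT_OK if found, CRYPT_INVALID_ARG otherwise` would cover it; whether the alias list is NULL-terminated I could not verify from the hunk, so state whatever `s_curve_names` actually guarantees.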

+ 2 - 2
src/pk/ecc/ecc_rfc6979_key.c

@@ -68,7 +68,7 @@ int ecc_rfc6979_key(const ecc_key *priv, const unsigned char *in, unsigned long
                                k, hashsize,
                                k, &klen,
                                v, hashsize,
-                               sep, 1,
+                               sep, 1uL,
                                buffer, zero_extend,
                                privkey, qlen - zero_extend,
                                buffer, len_diff,
@@ -86,7 +86,7 @@ int ecc_rfc6979_key(const ecc_key *priv, const unsigned char *in, unsigned long
                                k, klen,
                                k, &klen,
                                v, hashsize,
-                               sep, 1,
+                               sep, 1uL,
                                buffer, zero_extend,
                                privkey, qlen - zero_extend,
                                buffer, len_diff,

+ 1 - 0
src/pk/ed25519/ed25519_sign.c

@@ -23,6 +23,7 @@ static int s_ed25519_sign(const unsigned char  *msg, unsigned long  msglen,
    LTC_ARGCHK(siglen      != NULL);
    LTC_ARGCHK(private_key != NULL);
 
+   if (find_hash("sha512") == -1) return CRYPT_INVALID_HASH;
    if (private_key->pka != LTC_PKA_ED25519) return CRYPT_PK_INVALID_TYPE;
    if (private_key->type != PK_PRIVATE) return CRYPT_PK_INVALID_TYPE;
 

+ 1 - 0
src/pk/ed25519/ed25519_verify.c

@@ -26,6 +26,7 @@ static int s_ed25519_verify(const  unsigned char *msg, unsigned long msglen,
 
    *stat = 0;
 
+   if (find_hash("sha512") == -1) return CRYPT_INVALID_HASH;
    if (siglen != 64uL) return CRYPT_INVALID_ARG;
    if (public_key->pka != LTC_PKA_ED25519) return CRYPT_PK_INVALID_TYPE;
 

+ 20 - 348
tests/der_test.c

@@ -88,125 +88,29 @@ const char ltc_der_tests_cacert_root_cert[] =
    "omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD";
 const unsigned long ltc_der_tests_cacert_root_cert_size = sizeof(ltc_der_tests_cacert_root_cert);
 
-/*
-SEQUENCE(3 elem)
-    SEQUENCE(8 elem)
-        [0](1)
-            INTEGER  2
-        INTEGER  0
-        SEQUENCE(2 elem)
-            OBJECT IDENTIFIER 1.2.840.113549.1.1.4
-            NULL
-        SEQUENCE(4 elem)
-            SET(1 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.4.10
-                    PrintableString  Root CA
-            SET(1 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.4.11
-                    PrintableString  http://www.cacert.org
-            SET(1 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.4.3
-                    PrintableString  CA Cert Signing Authority
-            SET(1 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 1.2.840.113549.1.9.1
-                    IA5String [email protected]
-        SEQUENCE(2 elem)
-            UTCTime03-03-30 12:29:49 UTC
-            UTCTime33-03-29 12:29:49 UTC
-        SEQUENCE(4 elem)
-            SET(1 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.4.10
-                    PrintableString Root CA
-            SET(1 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.4.11
-                    PrintableString http://www.cacert.org
-            SET(1 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.4.3
-                    PrintableString CA Cert Signing Authority
-            SET(1 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 1.2.840.113549.1.9.1
-                    IA5String [email protected]
-        SEQUENCE(2 elem)
-            SEQUENCE(2 elem)
-                OBJECT IDENTIFIER 1.2.840.113549.1.1.1
-                NULL
-            BIT STRING(1 elem)
-        SEQUENCE(2 elem)
-            INTEGER (4096 bit)
-            INTEGER 65537
-        [3](1)
-            SEQUENCE(7 elem)
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.29.14
-                    OCTET STRING(1 elem)
-                        OCTET STRING(20 byte) 16B5321BD4C7F3E0E68EF3BDD2B03AEEB23918D1
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.29.35
-                    OCTET STRING(1 elem)
-                        SEQUENCE(3 elem)
-                            [0]
-                            [1](1)
-                                [4](1)
-                                SEQUENCE(4 elem)
-                                    SET(1 elem)
-                                        SEQUENCE(2 elem)
-                                            OBJECT IDENTIFIER 2.5.4.10
-                                            PrintableString Root CA
-                                    SET(1 elem)
-                                        SEQUENCE(2 elem)
-                                            OBJECT IDENTIFIER 2.5.4.11
-                                            PrintableString http://www.cacert.org
-                                    SET(1 elem)
-                                        SEQUENCE(2 elem)
-                                            OBJECT IDENTIFIER 2.5.4.3
-                                            PrintableString CA Cert Signing Authority
-                                    SET(1 elem)
-                                        SEQUENCE(2 elem)
-                                            OBJECT IDENTIFIER 1.2.840.113549.1.9.1
-                                            IA5String [email protected]
-                            [2]
-                SEQUENCE(3 elem)
-                    OBJECT IDENTIFIER 2.5.29.19
-                    BOOLEAN true
-                    OCTET STRING(1 elem)
-                        SEQUENCE(1 elem)
-                            BOOLEAN true
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.5.29.31
-                    OCTET STRING(1 elem)
-                        SEQUENCE(1 elem)
-                            SEQUENCE(1 elem)
-                                [0](1)
-                                    [0](1)
-                                        [6]
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.16.840.1.113730.1.4
-                    OCTET STRING(1 elem)
-                        IA5String https://www.cacert.org/revoke.crl
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.16.840.1.113730.1.8
-                    OCTET STRING(1 elem)
-                        IA5String http://www.cacert.org/index.php?id=10
-                SEQUENCE(2 elem)
-                    OBJECT IDENTIFIER 2.16.840.1.113730.1.13
-                    OCTET STRING(1 elem)
-                        IA5String To get your own certificate for FREE head over to http://www.cacert.org
-    SEQUENCE(2 elem)
-        OBJECT IDENTIFIER 1.2.840.113549.1.1.4
-        NULL
-    BIT STRING(4096 bit)
- */
+#ifdef LTC_DER_TESTS_PRINT_FLEXI
+
+#define LTC_DER_PRINT_FLEXI_NO_MAIN
+#include "../demos/der_print_flexi.c"
 
+static void s_der_tests_print_flexi(ltc_asn1_list* l)
+{
+   fprintf(stderr, "\n\n");
+   s_der_print_flexi_i(l, 0);
+   fprintf(stderr, "\n\n");
+}
+
+#else
+static void s_der_tests_print_flexi(ltc_asn1_list* l)
+{
+   LTC_UNUSED_PARAM(l);
+}
+#endif
+
+#ifndef ASN1_FMTSTRING_FMT
 #define ASN1_FMTSTRING_FMT "line: %d, type=%d, size=%lu, data=%p, self=%p, next=%p, prev=%p, parent=%p, child=%p"
 #define ASN1_FMTSTRING_VAL(l)  __LINE__, (l)->type, (l)->size, (l)->data, (l), (l)->next, (l)->prev, (l)->parent, (l)->child
+#endif
 
 #define ASN1_ERR(l) fprintf(stderr, ASN1_FMTSTRING_FMT "\n", ASN1_FMTSTRING_VAL(l)); \
     exit(EXIT_FAILURE)
@@ -230,238 +134,6 @@ SEQUENCE(3 elem)
 #define CHECK_ASN1_HAS_DATA(l) CHECK_ASN1_HAS(l, data)
 #define CHECK_ASN1_HAS_NO_DATA(l) CHECK_ASN1_HAS_NO(l, data)
 
-#ifdef LTC_DER_TESTS_PRINT_FLEXI
-
-static void* s_xmalloc(int l)
-{
-   void *r = XMALLOC(l);
-
-#if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 3
-   fprintf(stderr, "ALLOC %9d to %p\n", l, r);
-#endif
-   if (!r) {
-      fprintf(stderr, "Could not allocate %d bytes of memory\n", l);
-      exit(EXIT_FAILURE);
-   }
-   return r;
-}
-
-static void s_free(void *p)
-{
-#if defined(LTC_TEST_DBG) && LTC_TEST_DBG > 3
-   fprintf(stderr, "FREE %p\n", p);
-#endif
-   XFREE(p);
-}
-
-static void s_der_tests_print_flexi_i(ltc_asn1_list* l, unsigned int level)
-{
-  char *buf = NULL;
-  const char* name = NULL;
-  const char* text = NULL;
-  ltc_asn1_list* ostring = NULL;
-  unsigned int n;
-  int slen;
-
-  switch (l->type)
-    {
-  case LTC_ASN1_EOL:
-    name = "EOL";
-    slen = snprintf(NULL, 0, ASN1_FMTSTRING_FMT "\n", ASN1_FMTSTRING_VAL(l));
-    buf = s_xmalloc(slen);
-    slen = snprintf(buf, slen, ASN1_FMTSTRING_FMT "\n", ASN1_FMTSTRING_VAL(l));
-    text = buf;
-    break;
-  case LTC_ASN1_BOOLEAN:
-    name = "BOOLEAN";
-    {
-      if (*(int*)l->data)
-        text = "true";
-      else
-        text = "false";
-    }
-    break;
-  case LTC_ASN1_INTEGER:
-    name = "INTEGER";
-    buf = s_xmalloc(((ltc_mp_get_digit_count(l->data) + 1) * ltc_mp.bits_per_digit) / 3);
-    ltc_mp_toradix(l->data, buf, 10);
-    text = buf;
-    break;
-  case LTC_ASN1_SHORT_INTEGER:
-    name = "SHORT INTEGER";
-    break;
-  case LTC_ASN1_BIT_STRING:
-    name = "BIT STRING";
-    break;
-  case LTC_ASN1_OCTET_STRING:
-    name = "OCTET STRING";
-    {
-      unsigned long ostring_l = l->size;
-      /* sometimes there's another sequence in an octet string...
-       * try to decode that... if it fails print out the octet string
-       */
-      if (der_decode_sequence_flexi(l->data, &ostring_l, &ostring) == CRYPT_OK) {
-          text = "";
-      } else {
-          int r;
-          int sz = l->size * 2 + 1;
-          char* s = buf = s_xmalloc(sz);
-          for (n = 0; n < l->size; ++n) {
-              r = snprintf(s, sz, "%02X", ((unsigned char*)l->data)[n]);
-              if (r < 0 || r >= sz) {
-                  fprintf(stderr, "%s boom\n", name);
-                  exit(EXIT_FAILURE);
-              }
-              s += r;
-              sz -= r;
-          }
-          text = buf;
-      }
-    }
-    break;
-  case LTC_ASN1_NULL:
-    name = "NULL";
-    text = "";
-    break;
-  case LTC_ASN1_OBJECT_IDENTIFIER:
-    name = "OBJECT IDENTIFIER";
-    {
-      unsigned long len = 0;
-      if (pk_oid_num_to_str(l->data, l->size, buf, &len) != CRYPT_BUFFER_OVERFLOW) {
-        fprintf(stderr, "%s WTF\n", name);
-        exit(EXIT_FAILURE);
-      }
-      buf = s_xmalloc(len);
-      if (pk_oid_num_to_str(l->data, l->size, buf, &len) != CRYPT_OK) {
-        fprintf(stderr, "%s boom\n", name);
-        exit(EXIT_FAILURE);
-      }
-      text = buf;
-    }
-    break;
-  case LTC_ASN1_IA5_STRING:
-    name = "IA5 STRING";
-    text = l->data;
-    break;
-  case LTC_ASN1_PRINTABLE_STRING:
-    name = "PRINTABLE STRING";
-    text = l->data;
-    break;
-  case LTC_ASN1_UTF8_STRING:
-    name = "UTF8 STRING";
-    break;
-  case LTC_ASN1_UTCTIME:
-    name = "UTCTIME";
-    {
-      ltc_utctime* ut = l->data;
-      slen = 32;
-      buf = s_xmalloc(slen);
-      snprintf(buf, slen, "%02d-%02d-%02d %02d:%02d:%02d %c%02d:%02d",
-          ut->YY, ut->MM, ut->DD, ut->hh, ut->mm, ut->ss,
-          ut->off_dir ? '-' : '+', ut->off_hh, ut->off_mm);
-      text = buf;
-    }
-    break;
-  case LTC_ASN1_GENERALIZEDTIME:
-    name = "GENERALIZED TIME";
-    {
-      ltc_generalizedtime* gt = l->data;
-      slen = 32;
-      buf = s_xmalloc(slen);
-      if(gt->fs)
-         snprintf(buf, slen, "%04d-%02d-%02d %02d:%02d:%02d.%02dZ",
-          gt->YYYY, gt->MM, gt->DD, gt->hh, gt->mm, gt->ss, gt->fs);
-      else
-         snprintf(buf, slen, "%04d-%02d-%02d %02d:%02d:%02dZ",
-          gt->YYYY, gt->MM, gt->DD, gt->hh, gt->mm, gt->ss);
-      text = buf;
-    }
-    break;
-  case LTC_ASN1_CHOICE:
-    name = "CHOICE";
-    break;
-  case LTC_ASN1_SEQUENCE:
-    name = "SEQUENCE";
-    text = "";
-    break;
-  case LTC_ASN1_SET:
-    name = "SET";
-    text = "";
-    break;
-  case LTC_ASN1_SETOF:
-    name = "SETOF";
-    text = "";
-    break;
-  case LTC_ASN1_RAW_BIT_STRING:
-    name = "RAW BIT STRING";
-    break;
-  case LTC_ASN1_TELETEX_STRING:
-    name = "TELETEX STRING";
-    text = l->data;
-    break;
-  case LTC_ASN1_CUSTOM_TYPE:
-    name = "NON STANDARD";
-    {
-       int r;
-       int sz = 128;
-       char* s = buf = s_xmalloc(sz);
-
-       r = snprintf(s, sz, "[%s %s %llu]", der_asn1_class_to_string_map[l->klass], der_asn1_pc_to_string_map[l->pc], l->tag);
-       if (r < 0 || r >= sz) {
-           fprintf(stderr, "%s boom\n", name);
-           exit(EXIT_FAILURE);
-       }
-       s += r;
-       sz -= r;
-
-       text = buf;
-    }
-    break;
-  }
-
-  for (n = 0; n < level; ++n) {
-     fprintf(stderr, "    ");
-  }
-  if (name) {
-      if (text)
-         fprintf(stderr, "%s %s\n", name, text);
-      else
-         fprintf(stderr, "%s <missing decoding>\n", name);
-  }
-  else
-     fprintf(stderr, "WTF type=%i\n", l->type);
-
-  if (buf) {
-     s_free(buf);
-     buf = NULL;
-  }
-
-  if (ostring) {
-      s_der_tests_print_flexi_i(ostring, level + 1);
-      der_free_sequence_flexi(ostring);
-  }
-
-  if (l->child)
-    s_der_tests_print_flexi_i(l->child, level + 1);
-
-  if (l->next)
-    s_der_tests_print_flexi_i(l->next, level);
-}
-
-static void s_der_tests_print_flexi(ltc_asn1_list* l)
-{
-   fprintf(stderr, "\n\n");
-   s_der_tests_print_flexi_i(l, 0);
-   fprintf(stderr, "\n\n");
-}
-
-#else
-static void s_der_tests_print_flexi(ltc_asn1_list* l)
-{
-   LTC_UNUSED_PARAM(l);
-}
-#endif
-
 static void der_cacert_test(void)
 {
   unsigned char buf[sizeof(ltc_der_tests_cacert_root_cert)];

+ 0 - 1
tests/no_prng.c

@@ -1,7 +1,6 @@
 /* LibTomCrypt, modular cryptographic library -- Tom St Denis */
 /* SPDX-License-Identifier: Unlicense */
 
-#include "tomcrypt.h"
 #include "tomcrypt_test.h"
 
 /**

+ 4 - 0
tests/rsa-pkcs8/README.txt

@@ -27,3 +27,7 @@ openssl pkcs8 -topk8 -inform PEM -outform DER -passout pass:secret -in ../test.k
 openssl pkcs8 -topk8 -inform PEM -outform DER -passout pass:secret -in ../test.key -v2 rc2-40 -v2prf hmacWithSHA512-256 -out key_pkcs8_pbkdf2_sha512_256_rc2_40_cbc.der
 openssl pkcs8 -topk8 -inform PEM -outform DER -passout pass:secret -in ../test.key -v2 rc2-64 -v2prf hmacWithSHA512 -out key_pkcs8_pbkdf2_sha512_rc2_64_cbc.der
 openssl pkcs8 -topk8 -inform PEM -outform DER -passout pass:secret -in ../test.key -v2 rc2-64 -v2prf hmacWithSHA512-256 -out key_pkcs8_pbkdf2_sha512_256_rc2_64_cbc.der
+openssl pkcs8 -topk8 -inform PEM -outform DER -passout pass:secret -in ../test.key -v2 aes256 -v2prf id-hmacWithSHA3-224 -out key_pkcs8_pbkdf2_sha3_224_aes256_cbc.der
+openssl pkcs8 -topk8 -inform PEM -outform DER -passout pass:secret -in ../test.key -v2 aes256 -v2prf id-hmacWithSHA3-256 -out key_pkcs8_pbkdf2_sha3_256_aes256_cbc.der
+openssl pkcs8 -topk8 -inform PEM -outform DER -passout pass:secret -in ../test.key -v2 aes256 -v2prf id-hmacWithSHA3-384 -out key_pkcs8_pbkdf2_sha3_384_aes256_cbc.der
+openssl pkcs8 -topk8 -inform PEM -outform DER -passout pass:secret -in ../test.key -v2 aes256 -v2prf id-hmacWithSHA3-512 -out key_pkcs8_pbkdf2_sha3_512_aes256_cbc.der

BIN
tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha3_224_aes256_cbc.der


BIN
tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha3_256_aes256_cbc.der


BIN
tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha3_384_aes256_cbc.der


BIN
tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha3_512_aes256_cbc.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbe_md2_des.der → tests/rsa-pkcs8/old/key_pkcs8_pbe_md2_des.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbe_md2_rc2_64.der → tests/rsa-pkcs8/old/key_pkcs8_pbe_md2_rc2_64.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbe_md5_des.der → tests/rsa-pkcs8/old/key_pkcs8_pbe_md5_des.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbe_md5_rc2_64.der → tests/rsa-pkcs8/old/key_pkcs8_pbe_md5_rc2_64.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbe_sha1_rc2_64.der → tests/rsa-pkcs8/old/key_pkcs8_pbe_sha1_rc2_64.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbkdf2_rc2_cbc.der → tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_rc2_cbc.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha512_256_rc2_40_cbc.der → tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_sha512_256_rc2_40_cbc.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha512_256_rc2_64_cbc.der → tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_sha512_256_rc2_64_cbc.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha512_rc2_40_cbc.der → tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_sha512_rc2_40_cbc.der


+ 0 - 0
tests/rsa-pkcs8/key_pkcs8_pbkdf2_sha512_rc2_64_cbc.der → tests/rsa-pkcs8/old/key_pkcs8_pbkdf2_sha512_rc2_64_cbc.der


+ 3 - 2
tests/rsa_test.c

@@ -431,7 +431,7 @@ static int s_rsa_import_x509(const void *in, unsigned long inlen, void *key)
    return rsa_import_x509(in, inlen, key);
 }
 
-#if defined(LTC_MD2) && defined(LTC_MD5) && defined(LTC_RC2)
+#if defined(LTC_TEST_READDIR)
 static int password_get(void **p, unsigned long *l, void *u)
 {
    LTC_UNUSED_PARAM(u);
@@ -476,8 +476,9 @@ int rsa_test(void)
 #ifdef LTC_TEST_READDIR
    DO(test_process_dir("tests/rsa", &key, s_rsa_import_x509, NULL, (dir_cleanup_cb)rsa_free, "rsa_test"));
 #if defined(LTC_MD2) && defined(LTC_MD5) && defined(LTC_RC2)
-   DO(test_process_dir("tests/rsa-pkcs8", &key, s_rsa_import_pkcs8, NULL, (dir_cleanup_cb)rsa_free, "rsa_pkcs8_test"));
+   DO(test_process_dir("tests/rsa-pkcs8/old", &key, s_rsa_import_pkcs8, NULL, (dir_cleanup_cb)rsa_free, "rsa_pkcs8_test"));
 #endif
+   DO(test_process_dir("tests/rsa-pkcs8", &key, s_rsa_import_pkcs8, NULL, (dir_cleanup_cb)rsa_free, "rsa_pkcs8_test"));
 #endif
 
    DO(s_rsa_cryptx_issue_69());
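Review bot: The new unguarded `test_process_dir("tests/rsa-pkcs8", ...)` call now covers the four `key_pkcs8_pbkdf2_sha3_*_aes256_cbc.der` files this PR adds, which need SHA3 (as the PBKDF2 PRF) and AES at import time; unless test_process_dir skips files whose algorithms are not compiled in, a build without LTC_SHA3 would fail the whole rsa_test here, whereas the legacy directory keeps its MD2/MD5/RC2 guard. Consider wrapping the new call in `#if defined(LTC_SHA3)` or confirming that the helper tolerates CRYPT_INVALID_HASH / unsupported-cipher results for those inputs. Both calls also pass the same label `"rsa_pkcs8_test"`, so a failure message cannot tell the old directory from the new one; `"rsa_pkcs8_old_test"` for the `tests/rsa-pkcs8/old` call would make the diagnostic unambiguous. The enclosing rsa_test() body starts and ends outside the hunk.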

+ 6 - 6
tests/store_test.c

@@ -10,7 +10,7 @@ int store_test(void)
   ulong32 L, L1;
   ulong64 LL, LL1;
 #ifdef LTC_FAST
-  unsigned long x, z;
+  unsigned long x, z, zz;
 #endif
 
   for (y = 0; y < 4; y++) {
@@ -51,22 +51,22 @@ int store_test(void)
 #ifdef LTC_FAST
   y = 16;
 
-  for (z = 0; z < y; z++) {
+  for (z = 0, zz = 2*y - 1; z < y; z++, zz-=2) {
      /* fill y bytes with random */
      ENSURE(yarrow_read(buf+z,   y, &yarrow_prng) == y);
-     ENSURE(yarrow_read(buf+z+y, y, &yarrow_prng) == y);
+     ENSURE(yarrow_read(buf+z+y+zz, y, &yarrow_prng) == y);
 
      /* now XOR it byte for byte */
      for (x = 0; x < y; x++) {
-         buf[2*y+z+x] = buf[z+x] ^ buf[z+y+x];
+         buf[4*y+z+x] = buf[z+x] ^ buf[z+y+x+zz];
      }
 
      /* now XOR it word for word */
      for (x = 0; x < y; x += sizeof(LTC_FAST_TYPE)) {
-        *(LTC_FAST_TYPE_PTR_CAST(&buf[3*y+z+x])) = *(LTC_FAST_TYPE_PTR_CAST(&buf[z+x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&buf[z+y+x]));
+        *(LTC_FAST_TYPE_PTR_CAST(&buf[5*y+z+x])) = *(LTC_FAST_TYPE_PTR_CAST(&buf[z+x])) ^ *(LTC_FAST_TYPE_PTR_CAST(&buf[z+y+x+zz]));
      }
 
-     if (memcmp(&buf[2*y+z], &buf[3*y+z], y)) {
+     if (memcmp(&buf[4*y+z], &buf[5*y+z], y)) {
         fprintf(stderr, "\nLTC_FAST failed at offset %lu\n", z);
         return 1;
      }
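Review bot: The purpose of `zz` is not stated anywhere in the loop: `zz` starts at `2*y - 1` and drops by two per iteration, so `&buf[z+y+x+zz]` is always at an odd offset and the word-wise XOR through LTC_FAST_TYPE_PTR_CAST now performs a misaligned load on every pass, which looks like the intent (exercising unaligned LTC_FAST access, which traps or is undefined on strict-alignment targets) but reads as an arbitrary index tweak. A comment on the `for` line such as `/* zz keeps the second operand at an odd offset so the word-wise XOR exercises unaligned LTC_FAST loads */` would make that explicit. The highest index touched also grew from `3*y+z+x` (5*y-2) to `5*y+z+x` (7*y-2, i.e. 110 for y = 16); `buf` is declared outside the hunk, so confirm its size was raised to hold at least `7*y` bytes or the word-wise write at `&buf[5*y+z+x]` overruns it. The enclosing store_test() starts outside the hunk.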
