Update documentation

Fix .Net 2002 compile
This testing occurs on Windows XP. We are still rockin it
2019-08-31 07:46:19 -04:00 · 2019-08-27 14:44:27 -04:00 · 2019-08-27 10:28:13 -04:00 · 2019-08-27 07:52:33 -04:00 · 2019-08-27 07:08:07 -04:00 · 2019-08-27 06:44:02 -04:00
544 changed files with 142659 additions and 40121 deletions
--- a/.appveyor.yml
+++ b/.appveyor.yml
@ -0,0 +1,54 @@
 # Appveyor's documentation is at https://www.appveyor.com/docs/build-phase/,
 #  and a sample configuration file is at https://www.appveyor.com/docs/appveyor-yml/.
 #  I have to admit its a bit complex and I don't fully understand it.
 version: 1.0.{build}
 clone_depth: 3
 skip_tags: true
 configuration:
 - Debug
 - Release
 platform:
 - Win32
 - x64
 image:
 - Visual Studio 2017
 - Visual Studio 2015
 - Visual Studio 2013
 environment:
  matrix:
  - BUILD_MODE: MSBuild
 # Disable build through solution file
 build: off
 # Build through commands in script below
 test_script:
 - ps: >-
    msbuild /t:Build /p:platform="$env:platform" /p:configuration="$env:configuration" cryptlib.vcxproj
    msbuild /t:Build /p:platform="$env:platform" /p:configuration="$env:configuration" cryptest.vcxproj
    msbuild /t:CopyCryptestToRoot cryptest.vcxproj
    .\cryptest.exe v
    .\cryptest.exe tv all
 notifications:
  - provider: Email
    to:
      - cryptopp-build@googlegroups.com
    on_build_success: true
    on_build_failure: true
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1 @@
 *.sh eol=lf
--- a/.github/issue_template.md
+++ b/.github/issue_template.md
@ -0,0 +1,15 @@
 ### Crypto++ Issue Report
 Thanks for taking the time to report an issue. Reporting issues helps us improve stability and reliability for all users, so it is a valuable contribution.
 Please do not ask questions in the bug tracker. Please ask questions on the Crypto++ Users List at http://groups.google.com/forum/#!forum/cryptopp-users.
 There is a wiki page with information on filing useful bug reports. If you have some time please visit http://www.cryptopp.com/wiki/Bug_Report on the wiki. The executive summary is:
 * State the operating system and version (Ubutnu 17 x86_64, Windows 7 Professional x64, etc)
 * State the version of the Crypto++ library (Crypto++ 5.6.5, Master, etc)
 * State how you built the library (Makefile, Cmake, distro, etc)
 * Show a typical command line (the output of the compiler for cryptlib.cpp)
 * Show the link command (the output of the linker for libcryptopp.so or cryptest.exe)
 * Show the exact error message you are receiving (copy and paste it); or
 * Clearly state the undesired behavior (and state the expected behavior)
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,10 @@
 ####################################
 # C++ generic ignore
 # Allows you to use test.cxx and
 # avoid getting in the way of things
 ####################################
 *.cxx
 ####################
 ## Crypto++ specific
 ####################
--- a/.travis.yml
+++ b/.travis.yml
@ -0,0 +1,247 @@
 language: cpp
 os:
  - linux
  - osx
 dist: xenial
 sudo: required
 osx_image: xcode10.1
 git:
  depth: 5
 compiler:
  - clang
  - gcc
 env:
  global:
    - BUILD_JOBS=2
    - ANDROID_HOME="$HOME/.android"
    - ANDROID_SDK="$HOME/android/sdk/"
    - ANDROID_NDK="$HOME/android/sdk/ndk-bundle"
    - ANDROID_SDK_ROOT="$ANDROID_SDK"
    - ANDROID_NDK_ROOT="$ANDROID_NDK"
  matrix:
    - BUILD_MODE="all"
    - BUILD_MODE="native"
    - BUILD_MODE="no-asm"
    - BUILD_MODE="debug"
    - BUILD_MODE="asan"
    - BUILD_MODE="ubsan"
 matrix:
  exclude:
    # Skip GCC on OS X entirely
    - os: osx
      compiler: gcc
  include:
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=autotools
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=cmake
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=autotools
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=cmake
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=armeabi-v7a
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=armv7a-neon
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=aarch64
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=mipsel
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=mipsel64
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=x86
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=x86_64
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=iPhoneOS
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=Arm64
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=WatchOS
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=AppleTVOS
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=WatchSimulator
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=AppleTVSimulator
  allow_failures:
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=WatchOS
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=iPhoneSimulator
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=WatchSimulator
    - os: osx
      env:
        - BUILD_OS=osx
        - BUILD_MODE=ios
        - PLATFORM=AppleTVSimulator
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=armeabi
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=mipsel
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=mipsel64
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=aarch64
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=armeabi-v7a
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=armv7a-neon
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=x86
    - os: linux
      env:
        - BUILD_OS=linux
        - BUILD_MODE=android
        - PLATFORM=x86_64
 before_install:
  - |
    if [[ "$BUILD_OS" == "linux" ]] && [[ "$BUILD_MODE" == "android" ]]; then
        # https://github.com/travis-ci/travis-ci/issues/9037
        sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A145
        sudo apt-get update
        source TestScripts/setenv-travis.sh
        bash TestScripts/install-android.sh
    fi
    if [[ "$BUILD_OS" == "linux" ]] && [[ "$BUILD_MODE" == "autotools" ]]; then
        # https://github.com/travis-ci/travis-ci/issues/9037
        sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A145
        sudo apt-get install -y autoconf automake libtool
    fi
 script:
  - |
    if [[ "$BUILD_MODE" == "ios" ]]; then
        cp TestScripts/setenv-ios.sh .
        cp TestScripts/cryptest-ios.sh .
        bash cryptest-ios.sh
    elif [[ "$BUILD_MODE" == "android" ]]; then
        cp TestScripts/setenv-android-gcc.sh .
        cp TestScripts/cryptest-android.sh .
        bash cryptest-android.sh
    elif [[ "$BUILD_MODE" == "autotools" ]]; then
        cp TestScripts/cryptest-autotools.sh .
        bash cryptest-autotools.sh
    elif [[ "$BUILD_MODE" == "cmake" ]]; then
        cp TestScripts/cryptest-cmake.sh .
        bash cryptest-cmake.sh
    elif [[ "$BUILD_MODE" == "debug" ]]; then
        CXXFLAGS="-DDEBUG -g2 -O1" make -j "$BUILD_JOBS"
        ./cryptest.exe v
        ./cryptest.exe tv all
    else
        make "$BUILD_MODE" -j "$BUILD_JOBS"
        ./cryptest.exe v
        ./cryptest.exe tv all
    fi
 # whitelist branches to avoid testing feature branches twice
 branches:
  only:
    - master
 addons:
  sonarcloud: false
  coverity_scan:
    project:
      name: "cryptopp"
    build_command: "make -j 2"
 notifications:
  email:
    recipients:
      - cryptopp-build@googlegroups.com
    on_success: always # default: change
    on_failure: always # default: always
--- a/3way.cpp
+++ b/3way.cpp
@ -7,7 +7,7 @@
 NAMESPACE_BEGIN(CryptoPP)
-#if CRYPTOPP_DEBUG && !defined(CRYPTOPP_DOXYGEN_PROCESSING)
+#if defined(CRYPTOPP_DEBUG) && !defined(CRYPTOPP_DOXYGEN_PROCESSING)
 void ThreeWay_TestInstantiations()
 {
 	ThreeWay::Encryption x1;
@ -19,9 +19,6 @@ namespace
 {
 	const word32 START_E = 0x0b0b; // round constant of first encryption round
 	const word32 START_D = 0xb1b1; // round constant of first decryption round
 #ifdef CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
 	const word32 RC_MODULUS = 0x11011;
 #endif
 }
 static inline word32 reverseBits(word32 a)
@ -42,10 +39,10 @@ static inline word32 reverseBits(word32 a)
 #define pi_gamma_pi(a0, a1, a2)   \
 {                                 \
 	word32 b0, b2;                          \
-	b2 = rotlFixed(a2, 1U);				\
+	b2 = rotlConstant<1>(a2);               \
-	b0 = rotlFixed(a0, 22U);				\
+	b0 = rotlConstant<22>(a0);				\
-	a0 = rotlFixed(b0 ^ (a1|(~b2)), 1U);	\
+	a0 = rotlConstant<1>(b0 ^ (a1|(~b2)));	\
-	a2 = rotlFixed(b2 ^ (b0|(~a1)), 22U);\
+	a2 = rotlConstant<22>(b2 ^ (b0|(~a1))); \
 	a1 ^= (b2|(~b0));                       \
 }
@ -54,7 +51,7 @@ static inline word32 reverseBits(word32 a)
 { 															\
 	word32 b0, b1, c; 										\
 	c = a0 ^ a1 ^ a2; 										\
-	c = rotlFixed(c, 16U) ^ rotlFixed(c, 8U);				\
+	c = rotlConstant<16>(c) ^ rotlConstant<8>(c);			\
 	b0 = (a0 << 24) ^ (a2 >> 8) ^ (a1 << 8) ^ (a0 >> 24); 	\
 	b1 = (a1 << 24) ^ (a0 >> 8) ^ (a2 << 8) ^ (a1 >> 24); 	\
 	a0 ^= c ^ b0; 											\
--- a/3way.h
+++ b/3way.h
@ -1,7 +1,7 @@
-// 3way.h - written and placed in the public domain by Wei Dai
+// 3way.h - originally written and placed in the public domain by Wei Dai
-//! \file 3way.h
+/// \file 3way.h
-//! \brief Classes for the 3-Way block cipher
+/// \brief Classes for the 3-Way block cipher
 #ifndef CRYPTOPP_THREEWAY_H
 #define CRYPTOPP_THREEWAY_H
@ -12,21 +12,18 @@
 NAMESPACE_BEGIN(CryptoPP)
-//! \class ThreeWay_Info
+/// \brief ThreeWay block cipher information
 //! \brief ThreeWay block cipher information
 struct ThreeWay_Info : public FixedBlockSize<12>, public FixedKeyLength<12>, public VariableRounds<11>
 {
-	CRYPTOPP_CONSTEXPR static const char *StaticAlgorithmName() {return "3-Way";}
+	CRYPTOPP_STATIC_CONSTEXPR const char* StaticAlgorithmName() {return "3-Way";}
 };
-//! \class ThreeWay
+/// \brief ThreeWay block cipher
-//! \brief ThreeWay block cipher
+/// \sa <a href="http://www.cryptopp.com/wiki/3-Way">3-Way</a>
 //! \sa <a href="http://www.weidai.com/scan-mirror/cs.html#3-Way">3-Way</a>
 class ThreeWay : public ThreeWay_Info, public BlockCipherDocumentation
 {
-	//! \class Base
+	/// \brief Class specific implementation and overrides used to operate the cipher.
-	//! \brief Class specific implementation and overrides used to operate the cipher.
+	/// \details Implementations and overrides in \p Base apply to both \p ENCRYPTION and \p DECRYPTION directions
 	//! \details Implementations and overrides in \p Base apply to both \p ENCRYPTION and \p DECRYPTION directions
 	class CRYPTOPP_NO_VTABLE Base : public BlockCipherImpl<ThreeWay_Info>
 	{
 	public:
@ -37,18 +34,16 @@ class ThreeWay : public ThreeWay_Info, public BlockCipherDocumentation
 		FixedSizeSecBlock<word32, 3> m_k;
 	};
-	//! \class Enc
+	/// \brief Class specific methods used to operate the cipher in the forward direction.
-	//! \brief Class specific methods used to operate the cipher in the forward direction.
+	/// \details Implementations and overrides in \p Enc apply to \p ENCRYPTION.
 	//! \details Implementations and overrides in \p Enc apply to \p ENCRYPTION.
 	class CRYPTOPP_NO_VTABLE Enc : public Base
 	{
 	public:
 		void ProcessAndXorBlock(const byte *inBlock, const byte *xorBlock, byte *outBlock) const;
 	};
-	//! \class Dec
+	/// \brief Class specific methods used to operate the cipher in the reverse direction.
-	//! \brief Class specific methods used to operate the cipher in the reverse direction.
+	/// \details Implementations and overrides in \p Dec apply to \p DECRYPTION.
 	//! \details Implementations and overrides in \p Dec apply to \p DECRYPTION.
 	class CRYPTOPP_NO_VTABLE Dec : public Base
 	{
 	public:
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -1,427 +0,0 @@
 # Please ensure your changes or patch meets minimum requirements.
 #   The minimum requirements are 2.8.5. They roughly equate to Ubuntu 12.04 LTS
 #   Please do not check in something for 2.8.12 or 3.5.0. To test your changes,
 #   please set up a Ubuntu 12.04 LTS system. Then, manually install Cmake 2.8.5
 #   from http://cmake.org/Wiki/CMake_Released_Versions.
 cmake_minimum_required(VERSION 2.8.5 FATAL_ERROR)
 project(cryptopp)
 # Make RelWithDebInfo the default (it does e.g. add '-O2 -g -DNDEBUG' for GNU)
 #   If not in multi-configuration environments, no explicit build type or CXX 
 #   flags are set by the user and if we are the root CMakeLists.txt file.
 if (NOT CMAKE_CONFIGURATION_TYPES AND 
    NOT CMAKE_NO_BUILD_TYPE AND
    NOT CMAKE_BUILD_TYPE AND
    NOT CMAKE_CXX_FLAGS AND
    CMAKE_SOURCE_DIR STREQUAL CMAKE_CURRENT_SOURCE_DIR)
 	set(CMAKE_BUILD_TYPE RelWithDebInfo)
 endif()
 set(cryptopp_VERSION_MAJOR 5)
 set(cryptopp_VERSION_MINOR 6)
 set(cryptopp_VERSION_PATCH 5)
 include(GNUInstallDirs)
 include(TestBigEndian)
 include(CheckCXXCompilerFlag)
 #============================================================================
 # Settable options
 #============================================================================
 option(BUILD_STATIC "Build static library" ON)
 option(BUILD_SHARED "Build shared library" ON)
 option(BUILD_TESTING "Build library tests" ON)
 option(BUILD_DOCUMENTATION "Use Doxygen to create the HTML based API documentation" OFF)
 option(DISABLE_ASM "Disable ASM" OFF)
 option(DISABLE_SSSE3 "Disable SSSE3" OFF)
 option(DISABLE_AESNI "Disable AES-NI" OFF)
 set(CRYPTOPP_DATA_DIR "" CACHE PATH "Crypto++ test data directory")
 #============================================================================
 # Internal compiler options
 #============================================================================
 # Stop hiding the damn output...
 # set(CMAKE_VERBOSE_MAKEFILE on)
 # Always 1 ahead in Master. Also see http://groups.google.com/forum/#!topic/cryptopp-users/SFhqLDTQPG4
 set(LIB_VER ${cryptopp_VERSION_MAJOR}${cryptopp_VERSION_MINOR}${cryptopp_VERSION_PATCH})
 # Only set when cross-compiling, http://www.vtk.org/Wiki/CMake_Cross_Compiling
 if (NOT (CMAKE_SYSTEM_VERSION AND CMAKE_SYSTEM_PROCESSOR))
 	set(CRYPTOPP_CROSS_COMPILE 1)
 else()
 	set(CRYPTOPP_CROSS_COMPILE 0)
 endif()
 # Don't use RPATH's. The resulting binary could fail a security audit.
 if (NOT CMAKE_VERSION VERSION_LESS 2.8.12)
  set(CMAKE_MACOSX_RPATH 0)
 endif()
 if(CMAKE_CXX_COMPILER_ID MATCHES "Intel")
 	add_definitions(-wd68 -wd186 -wd279 -wd327 -wd161 -wd3180)
 endif()
 # Endianess
 TEST_BIG_ENDIAN(IS_BIG_ENDIAN)
 if(IS_BIG_ENDIAN)
 	add_definitions(-DIS_BIG_ENDIAN)
 endif()
 if(DISABLE_ASM)
 	add_definitions(-DCRYPTOPP_DISABLE_ASM)
 endif()
 if(DISABLE_SSSE3)
 	add_definitions(-DCRYPTOPP_DISABLE_SSSE3)
 endif()
 if(DISABLE_AESNI)
 	add_definitions(-DCRYPTOPP_DISABLE_AESNI)
 endif()
 if(NOT CRYPTOPP_DATA_DIR STREQUAL "")
 	add_definitions(-DCRYPTOPP_DATA_DIR="${CRYPTOPP_DATA_DIR}")
 endif()
 # We need the output 'uname -s' for Unix and Linux system detection
 if (NOT CRYPTOPP_CROSS_COMPILE)
 	set (UNAME_CMD "uname")
 	set (UNAME_ARG "-s")
 	execute_process(COMMAND ${UNAME_CMD} ${UNAME_ARG}
 		WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
 		RESULT_VARIABLE UNAME_RESULT
 		OUTPUT_VARIABLE UNAME_SYSTEM)
 		string(REGEX REPLACE "\n$" "" UNAME_SYSTEM "${UNAME_SYSTEM}")
 endif()
 # We need the output 'uname -m' for Unix and Linux platform detection
 if (NOT CRYPTOPP_CROSS_COMPILE)
 	set (UNAME_CMD "uname")
 	set (UNAME_ARG "-m")
 	execute_process(COMMAND ${UNAME_CMD} ${UNAME_ARG}
 		WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
 		RESULT_VARIABLE UNAME_RESULT
 		OUTPUT_VARIABLE UNAME_MACHINE)
 	string(REGEX REPLACE "\n$" "" UNAME_MACHINE "${UNAME_MACHINE}")
 endif()
 if(WINDOWS_STORE OR WINDOWS_PHONE)
 	if("${CMAKE_SYSTEM_VERSION}" MATCHES "10\\.0.*")
 		SET( CMAKE_CXX_FLAGS  "${CMAKE_CXX_FLAGS} /D\"_WIN32_WINNT=0x0A00\"" )
 	endif()
 	SET( CMAKE_CXX_FLAGS  "${CMAKE_CXX_FLAGS} /FI\"winapifamily.h\"" )
 endif()
 # Enable PIC for all targets except Windows and 32-bit x86.
 #   Avoid on 32-bit x86 due to register pressures.
 if ((NOT CRYPTOPP_CROSS_COMPILE) AND (NOT (WINDOWS OR WINDOWS_STORE OR WINDOWS_PHONE)))
 	# Use Regex; match i386, i486, i586 and i686
 	if (NOT (${UNAME_MACHINE} MATCHES "i.86"))
 		SET(CMAKE_POSITION_INDEPENDENT_CODE 1)
 	endif()
 endif()
 # -march=native for GCC, Clang and ICC in any version that does support it.
 if ((NOT CRYPTOPP_CROSS_COMPILE) AND (CMAKE_CXX_COMPILER_ID MATCHES "Clang|GNU|Intel"))
 	CHECK_CXX_COMPILER_FLAG("-march=native" COMPILER_OPT_ARCH_NATIVE_SUPPORTED)
 	if (COMPILER_OPT_ARCH_NATIVE_SUPPORTED AND NOT CMAKE_CXX_FLAGS MATCHES "-march=")
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -march=native")
 	endif()
 endif()
 # Solaris specific 
 if ((NOT CRYPTOPP_CROSS_COMPILE) AND "${UNAME_SYSTEM}" STREQUAL "SunOS")
 	# SunCC needs -native
 	if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "SunPro")
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -native")
 	endif()
 	# Determine 32-bit vs 64-bit
 	set (ISA_CMD "isainfo")
 	set (ISA_ARG "-b")
 	execute_process(COMMAND ${ISA_CMD} ${ISA_ARG}
 		WORKING_DIRECTORY ${PROJECT_SOURCE_DIR}
 		RESULT_VARIABLE ISA_RESULT
 		OUTPUT_VARIABLE ISA_INFO)
 	string(REGEX REPLACE "\n$" "" ISA_INFO "${ISA_INFO}")
 	# Set 64-bit or 32-bit
 	if ("${ISA_INFO}" STREQUAL "64")
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m64")
 	else()
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -m32")
 	endif()
 	# GCC needs to enable use of '/'
 	if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "GNU")
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wa,--divide")
 	endif()
 	# SunCC needs -native
 	if ("${CMAKE_CXX_COMPILER_ID}" STREQUAL "SunPro")
 		SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -template=no%extdef")
 	endif()
 endif()
 # Link is driven through the compiler, but CXXFLAGS are not used. Also see
 #   http://public.kitware.com/pipermail/cmake/2003-June/003967.html
 if (NOT (WINDOWS OR WINDOWS_STORE OR WINDOWS_PHONE))
 	SET(CMAKE_CXX_LINK_FLAGS "${CMAKE_CXX_FLAGS}")
 endif()
 #============================================================================
 # Sources & headers
 #============================================================================
 # Library headers
 file(GLOB cryptopp_HEADERS *.h)
 # Test sources. You can use the GNUmakefile to generate the list: `make sources`.
 file(GLOB cryptopp_SOURCES_TEST test.cpp bench1.cpp bench2.cpp validat1.cpp validat2.cpp validat3.cpp adhoc.cpp datatest.cpp regtest.cpp fipsalgt.cpp dlltest.cpp fipstest.cpp)
 # Library sources. You can use the GNUmakefile to generate the list: `make sources`.
 file(GLOB cryptopp_SOURCES *.cpp)
 list(REMOVE_ITEM cryptopp_SOURCES
 		${CMAKE_CURRENT_SOURCE_DIR}/cryptlib.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/cpu.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/integer.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/pch.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/simple.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/winpipes.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/cryptlib_bds.cpp
 		${cryptopp_SOURCES_TEST}
 		)
 set(cryptopp_SOURCES
 		${CMAKE_CURRENT_SOURCE_DIR}/cryptlib.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/cpu.cpp
 		${CMAKE_CURRENT_SOURCE_DIR}/integer.cpp
 		${cryptopp_SOURCES}
 		)
 if(MINGW OR WIN32)
 	list(APPEND cryptopp_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/winpipes.cpp)
 endif()
 if(MSVC AND NOT DISABLE_ASM)
 	if(${CMAKE_GENERATOR} MATCHES ".*ARM")
 		message(STATUS "Disabling ASM because ARM is specified as target platform.")
 	else()
 		if(CMAKE_SIZEOF_VOID_P EQUAL 8)
 			list(APPEND cryptopp_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/x64dll.asm)
 			list(APPEND cryptopp_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/x64masm.asm)
 			set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/x64dll.asm PROPERTIES COMPILE_FLAGS "/D_M_X64")
 			set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/x64masm.asm PROPERTIES COMPILE_FLAGS "/D_M_X64")
 			set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/rdrand.asm PROPERTIES COMPILE_FLAGS "/D_M_X64")
 		else()
 			set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/x64dll.asm PROPERTIES COMPILE_FLAGS "/D_M_X86 /safeseh")
 			set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/x64masm.asm PROPERTIES COMPILE_FLAGS "/D_M_X86 /safeseh")
 			set_source_files_properties(${CMAKE_CURRENT_SOURCE_DIR}/rdrand.asm PROPERTIES COMPILE_FLAGS "/D_M_X86 /safeseh")
 		endif()
 		list(APPEND cryptopp_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/rdrand.asm)
 		enable_language(ASM_MASM)
 	endif()
 endif()
 #============================================================================
 # Compile targets
 #============================================================================
 # Set global includes BEFORE adding any targets for legacy CMake versions
 if(CMAKE_VERSION VERSION_LESS 2.8.12)
 	include_directories("${CMAKE_CURRENT_SOURCE_DIR}")
 endif()
 if(NOT CMAKE_VERSION VERSION_LESS 2.8.8)
 	add_library(cryptopp-object OBJECT ${cryptopp_SOURCES})
 endif()
 if (BUILD_STATIC)
 	if(NOT CMAKE_VERSION VERSION_LESS 2.8.8)
 		add_library(cryptopp-static STATIC $<TARGET_OBJECTS:cryptopp-object>)
 	else()
 		add_library(cryptopp-static STATIC ${cryptopp_SOURCES})
 	endif()
 	if (NOT CMAKE_VERSION VERSION_LESS 2.8.12)
 		target_include_directories(cryptopp-static PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}> $<INSTALL_INTERFACE:include/cryptopp>)
 	endif()
 endif()
 if (BUILD_SHARED)
 	if(NOT CMAKE_VERSION VERSION_LESS 2.8.8)
 		add_library(cryptopp-shared SHARED $<TARGET_OBJECTS:cryptopp-object>)
 	else()
 		add_library(cryptopp-shared SHARED ${cryptopp_SOURCES})
 	endif()
 	if (NOT CMAKE_VERSION VERSION_LESS 2.8.12)
 		target_include_directories(cryptopp-shared PUBLIC $<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}> $<INSTALL_INTERFACE:include/cryptopp>)
 	endif()
 endif()
 # Set filenames for targets to be "cryptopp"
 if(NOT MSVC)
 	set(COMPAT_VERSION ${cryptopp_VERSION_MAJOR}.${cryptopp_VERSION_MINOR})
 	if (BUILD_STATIC)
 		set_target_properties(cryptopp-static
 				PROPERTIES
 				OUTPUT_NAME cryptopp)
 	endif()
 	if (BUILD_SHARED)
 		set_target_properties(cryptopp-shared
 				PROPERTIES
 				SOVERSION ${COMPAT_VERSION}
 				OUTPUT_NAME cryptopp)
 	endif()
 endif()
 # Targets, compatible with Crypto++ GNUMakefile
 if (BUILD_STATIC)
 	add_custom_target(static)
 	add_dependencies(static cryptopp-static)
 endif()
 if (BUILD_SHARED)
 	add_custom_target(dynamic)
 	add_dependencies(dynamic cryptopp-shared)
 endif()
 #============================================================================
 # Third-party libraries
 #============================================================================
 if(WIN32)
 	if (BUILD_STATIC)
 		target_link_libraries(cryptopp-static ws2_32)
 	endif()
 	if (BUILD_SHARED)
 		target_link_libraries(cryptopp-shared ws2_32)
 	endif()
 endif()
 # This may need to be expanded to "Solaris"
 if ("${UNAME_SYSTEM}" STREQUAL "SunOS")
 	if (BUILD_STATIC)
 		target_link_libraries(cryptopp-static nsl socket)
 	endif()
 	if (BUILD_SHARED)
 		target_link_libraries(cryptopp-shared nsl socket)
 	endif()
 endif()
 find_package(Threads)
 if (BUILD_STATIC)
 	target_link_libraries(cryptopp-static ${CMAKE_THREAD_LIBS_INIT})
 endif()
 if (BUILD_SHARED)
 	target_link_libraries(cryptopp-shared ${CMAKE_THREAD_LIBS_INIT})
 endif()
 #============================================================================
 # Tests
 #============================================================================
 enable_testing()
 if(BUILD_TESTING)
 	add_executable(cryptest ${cryptopp_SOURCES_TEST})
 	target_link_libraries(cryptest cryptopp-static)
 	# Setting "cryptest" binary name to "cryptest.exe"
 	if(NOT WIN32)
 		set_target_properties(cryptest PROPERTIES OUTPUT_NAME cryptest.exe)
 	endif()
 	if(NOT TARGET cryptest.exe)
 		add_custom_target(cryptest.exe)
 		add_dependencies(cryptest.exe cryptest)
 	endif()
 	file(COPY ${CMAKE_CURRENT_SOURCE_DIR}/TestData DESTINATION ${PROJECT_BINARY_DIR})
 	file(COPY ${CMAKE_CURRENT_SOURCE_DIR}/TestVectors DESTINATION ${PROJECT_BINARY_DIR})
 	add_test(NAME build_cryptest COMMAND "${CMAKE_COMMAND}" --build ${CMAKE_BINARY_DIR} --target cryptest)
 	add_test(NAME cryptest COMMAND $<TARGET_FILE:cryptest> v)
 	set_tests_properties(cryptest PROPERTIES DEPENDS build_cryptest)
 endif()
 #============================================================================
 # Doxygen documentation
 #============================================================================
 if(BUILD_DOCUMENTATION)
 	find_package(Doxygen REQUIRED)
 	set(in_source_DOCS_DIR "${CMAKE_CURRENT_SOURCE_DIR}/html-docs")
 	set(out_source_DOCS_DIR "${PROJECT_BINARY_DIR}/html-docs")
 	add_custom_target(docs ALL
 			COMMAND ${DOXYGEN_EXECUTABLE} Doxyfile -d CRYPTOPP_DOXYGEN_PROCESSING
 			WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
 			SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/Doxyfile
 			)
 	if(NOT ${in_source_DOCS_DIR} STREQUAL ${out_source_DOCS_DIR})
 		add_custom_command(
 				TARGET docs POST_BUILD
 				COMMAND ${CMAKE_COMMAND} -E copy_directory "${in_source_DOCS_DIR}" "${out_source_DOCS_DIR}"
 				COMMAND ${CMAKE_COMMAND} -E remove_directory "${in_source_DOCS_DIR}"
 		)
 	endif()
 endif()
 #============================================================================
 # Install
 #============================================================================
 set(export_name "cryptopp-targets")
 # Runtime package
 if (BUILD_SHARED)
 	install(
 			TARGETS cryptopp-shared
 			EXPORT ${export_name}
 			DESTINATION ${CMAKE_INSTALL_LIBDIR}
 			RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR}
 			LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR}
 			ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR}
 	)
 endif()
 # Development package
 if (BUILD_STATIC)
 	install(TARGETS cryptopp-static EXPORT ${export_name} DESTINATION ${CMAKE_INSTALL_LIBDIR})
 endif()
 install(FILES ${cryptopp_HEADERS} DESTINATION include/cryptopp)
 # CMake Package
 if(NOT CMAKE_VERSION VERSION_LESS 2.8.8)	# CMakePackageConfigHelpers is supported from 2.8.8
 	include(CMakePackageConfigHelpers)
 	write_basic_package_version_file("${PROJECT_BINARY_DIR}/cryptopp-config-version.cmake" VERSION ${cryptopp_VERSION_MAJOR}.${cryptopp_VERSION_MINOR}.${cryptopp_VERSION_PATCH} COMPATIBILITY SameMajorVersion)
 	install(FILES cryptopp-config.cmake ${PROJECT_BINARY_DIR}/cryptopp-config-version.cmake DESTINATION "lib/cmake/cryptopp")
 	install(EXPORT ${export_name} DESTINATION "lib/cmake/cryptopp")
 endif()
 # Tests
 if(BUILD_TESTING)
 	install(TARGETS cryptest DESTINATION ${CMAKE_INSTALL_BINDIR})
 	install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/TestData DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/cryptopp)
 	install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/TestVectors DESTINATION ${CMAKE_INSTALL_DATAROOTDIR}/cryptopp)
 endif()
 # Documentation
 if(BUILD_DOCUMENTATION)
 	install(DIRECTORY "${out_source_DOCS_DIR}" DESTINATION ${CMAKE_INSTALL_DOCDIR})
 endif()
 # Print a configuration summary. We want CXX and CXXFLAGS, but they are not includd in ALL.
 if (NOT CMAKE_VERSION VERSION_LESS 3.0.2)
 	include(FeatureSummary)
 	message(STATUS "Compiler: ${CXX}")
 	message(STATUS "Flags: ${CMAKE_CXX_FLAGS}")
 	message(STATUS "Build type: ${CMAKE_BUILD_TYPE}")
 	feature_summary(WHAT ALL
 		VAR cryptoppFeatures)
        message(STATUS "${cryptoppFeatures}")
 endif()
--- a/13
+++ b/13
@ -41,7 +41,7 @@ PROJECT_NAME           = Crypto++
 # could be handy for archiving the generated documentation or if some version
 # control system is used.
-PROJECT_NUMBER         = 5.6.5
+PROJECT_NUMBER         = 8.3
 # Using the PROJECT_BRIEF tag one can provide an optional one line description
 # for a project that appears at the top of each page and should give viewer a
@ -767,7 +767,7 @@ INPUT                  = . \
                         GNUmakefile \
                         GNUmakefile-cross \
                         rdrand.asm \
-                         rdrand.S
+                         rdrand.s
 # This tag can be used to specify the character encoding of the source files
 # that doxygen parses. Internally doxygen uses the UTF-8 encoding. Doxygen uses
@ -1225,8 +1225,7 @@ DOCSET_PUBLISHER_NAME  = Crypto++
 # compressed HTML files.
 # The default value is: NO.
 # This tag requires that the tag GENERATE_HTML is set to YES.
-
+GENERATE_HTMLHELP      = NO
 GENERATE_HTMLHELP      = YES
 # The CHM_FILE tag can be used to specify the file name of the resulting .chm
 # file. You can add a path in front of the file if the result should not be
@ -1494,6 +1493,9 @@ MATHJAX_CODEFILE       =
 # The default value is: YES.
 # This tag requires that the tag GENERATE_HTML is set to YES.
 # JW: Do _not_ enable server-side search. It consumes too many resources
 # and results in OOM Kills on MySQL, which corrupts the database.
 # https://github.com/weidai11/cryptopp/issues/720
 SEARCHENGINE		 = NO
 # When the SERVER_BASED_SEARCH tag is enabled the search engine will be
@ -1506,6 +1508,9 @@ SEARCHENGINE           = NO
 # The default value is: NO.
 # This tag requires that the tag SEARCHENGINE is set to YES.
 # JW: Do _not_ enable server-side search. It consumes too many resources
 # and results in OOM Kills on MySQL, which corrupts the database.
 # https://github.com/weidai11/cryptopp/issues/720
 SERVER_BASED_SEARCH	 = NO
 # When EXTERNAL_SEARCH tag is enabled doxygen will no longer generate the PHP
--- a/Filelist.txt
+++ b/Filelist.txt
@ -1,16 +1,24 @@
 3way.cpp
 3way.h
 adhoc.cpp.proto
 adv_simd.h
 adler32.cpp
 adler32.h
 aes.h
 aes_armv4.h
 aes_armv4.S
 algebra.cpp
 algebra.h
 algparam.cpp
 algparam.h
 arc4.cpp
 arc4.h
 ariatab.cpp
 aria.cpp
 aria_simd.cpp
 aria.h
 argnames.h
 arm_simd.h
 asn.cpp
 asn.h
 authenc.cpp
@ -25,8 +33,11 @@ bench.h
 bds10.zip
 bench1.cpp
 bench2.cpp
 bench3.cpp
 bfinit.cpp
 blake2.cpp
 blake2s_simd.cpp
 blake2b_simd.cpp
 blake2.h
 blowfish.cpp
 blowfish.h
@ -42,16 +53,33 @@ cbcmac.h
 ccm.cpp
 ccm.h
 chacha.cpp
 chacha_avx.cpp
 chacha_simd.cpp
 chacha.h
 chachapoly.cpp
 chachapoly.h
 cham.cpp
 cham_simd.cpp
 cham.h
 channels.cpp
 channels.h
 cmac.cpp
 cmac.h
 config.h
-config.compat
+config_align.h
 config_asm.h
 config_cpu.h
 config_cxx.h
 config_dll.h
 config_int.h
 config_misc.h
 config_ns.h
 config_os.h
 config_ver.h
 cpu.cpp
 cpu.h
 crc.cpp
 crc_simd.cpp
 crc.h
 cryptdll.vcxproj
 cryptdll.vcxproj.filters
@ -60,12 +88,15 @@ cryptest.sln
 cryptest.vcxproj
 cryptest.vcxproj.user
 cryptest.vcxproj.filters
 cryptest.mapfile
 cryptest.nmake
 cryptlib.cpp
 cryptlib.h
 cryptlib.vcxproj
 cryptlib.vcxproj.filters
 cryptopp.rc
 darn.cpp
 darn.h
 datatest.cpp
 default.cpp
 default.h
@ -82,6 +113,14 @@ dlltest.cpp
 dlltest.vcxproj
 dlltest.vcxproj.filters
 dmac.h
 drbg.h
 donna.h
 donna_32.h
 donna_64.h
 donna_sse.h
 donna_32.cpp
 donna_64.cpp
 donna_sse.cpp
 dsa.cpp
 dsa.h
 eax.cpp
@ -92,6 +131,7 @@ eccrypto.cpp
 eccrypto.h
 ecp.cpp
 ecp.h
 ecpoint.h
 elgamal.cpp
 elgamal.h
 emsa2.cpp
@ -112,12 +152,14 @@ fips140.h
 fipsalgt.cpp
 fipstest.cpp
 fltrimpl.h
 gcm_simd.cpp
 gcm.cpp
 gcm.h
 gf256.cpp
 gf256.h
 gf2_32.cpp
 gf2_32.h
 gf2n_simd.cpp
 gf2n.cpp
 gf2n.h
 gfpcrypt.cpp
@ -126,8 +168,15 @@ gost.cpp
 gost.h
 gzip.cpp
 gzip.h
 hashfwd.h
 hc128.cpp
 hc128.h
 hc256.cpp
 hc256.h
 hex.cpp
 hex.h
 hight.h
 hight.cpp
 hkdf.h
 hmac.cpp
 hmac.h
@ -143,9 +192,17 @@ integer.cpp
 integer.h
 iterhash.cpp
 iterhash.h
 kalynatab.cpp
 kalyna.cpp
 kalyna.h
 keccak.cpp
 keccak_core.cpp
 keccak_simd.cpp
 keccak.h
 lubyrack.h
 lea.cpp
 lea_simd.cpp
 lea.h
 luc.cpp
 luc.h
 mars.cpp
@ -169,10 +226,10 @@ mqueue.cpp
 mqueue.h
 mqv.cpp
 mqv.h
 naclite.h
 nbtheory.cpp
 nbtheory.h
-network.cpp
+neon_simd.cpp
 network.h
 nr.h
 oaep.cpp
 oaep.h
@ -180,14 +237,23 @@ oids.h
 osrng.cpp
 osrng.h
 ossig.h
 padlkrng.cpp
 padlkrng.h
 panama.cpp
 panama.h
 pch.cpp
 pch.h
 pkcspad.cpp
 pkcspad.h
 poly1305.cpp
 poly1305.h
 polynomi.cpp
 polynomi.h
 ppc_power7.cpp
 ppc_power8.cpp
 ppc_power9.cpp
 ppc_simd.cpp
 ppc_simd.h
 pssr.cpp
 pssr.h
 pubkey.cpp
@ -199,6 +265,8 @@ rabin.cpp
 rabin.h
 randpool.cpp
 randpool.h
 rabbit.cpp
 rabbit.h
 rc2.cpp
 rc2.h
 rc5.cpp
@ -207,14 +275,19 @@ rc6.cpp
 rc6.h
 rdrand-masm.cmd
 rdrand-nasm.sh
-rdrand.S
+rdrand.s
 rdrand.asm
 rdrand.cpp
 rdrand.h
 rdseed.asm
 rdtables.cpp
-regtest.cpp
+regtest1.cpp
 regtest2.cpp
 regtest3.cpp
 regtest4.cpp
 resource.h
 rijndael.cpp
 rijndael_simd.cpp
 rijndael.h
 ripemd.cpp
 ripemd.h
@ -228,6 +301,8 @@ safer.cpp
 safer.h
 salsa.cpp
 salsa.h
 scrypt.cpp
 scrypt.h
 seal.cpp
 seal.h
 secblock.h
@ -238,26 +313,52 @@ serpent.cpp
 serpent.h
 serpentp.h
 sha.cpp
 sha_simd.cpp
 sha.h
 sha1_armv4.h
 sha1_armv4.S
 sha256_armv4.h
 sha256_armv4.S
 sha512_armv4.h
 sha512_armv4.S
 sha3.cpp
 sha3.h
 shacal2.cpp
 shacal2_simd.cpp
 shacal2.h
 shake.cpp
 shake.h
 shark.cpp
 shark.h
 sharkbox.cpp
 simple.cpp
 simple.h
 siphash.h
 simeck.cpp
 simeck_simd.cpp
 simeck.h
 simon.cpp
 simon64_simd.cpp
 simon128_simd.cpp
 simon.h
 skipjack.cpp
 skipjack.h
 sm3.cpp
 sm3.h
 sm4.cpp
 sm4_simd.cpp
 sm4.h
 smartptr.h
 socketft.cpp
 socketft.h
 sosemanuk.cpp
 sosemanuk.h
 speck.cpp
 speck64_simd.cpp
 speck128_simd.cpp
 speck.h
 square.cpp
 square.h
 squaretb.cpp
 sse_simd.cpp
 stdcpp.h
 strciphr.cpp
 strciphr.h
@ -266,35 +367,42 @@ tea.h
 test.cpp
 trap.h
 tftables.cpp
 threefish.cpp
 threefish.h
 tiger.cpp
 tiger.h
 tigertab.cpp
 trdlocal.cpp
 trdlocal.h
 trunhash.h
 ttmac.cpp
 ttmac.h
 tweetnacl.cpp
 tweetnacl.h
 twofish.cpp
 twofish.h
 validat0.cpp
 validat1.cpp
 validat2.cpp
 validat3.cpp
 validat4.cpp
 validat5.cpp
 validat6.cpp
 validat7.cpp
 validat8.cpp
 validat9.cpp
 validat10.cpp
 validate.h
 vmac.cpp
 vmac.h
 vc60.zip
 vs2005.zip
 wait.cpp
 wait.h
 wake.cpp
 wake.h
 whrlpool.cpp
 whrlpool.h
 winpipes.cpp
 winpipes.h
 words.h
 x64dll.asm
 x64masm.asm
 xed25519.h
 xed25519.cpp
 xtr.cpp
 xtr.h
 xtrcrypt.cpp
@ -310,13 +418,18 @@ GNUmakefile
 GNUmakefile-cross
 License.txt
 Readme.txt
 History.txt
 Install.txt
 Filelist.txt
 cryptopp.supp
 TestData/3desval.dat
 TestData/3wayval.dat
 TestData/aria.dat
 TestData/camellia.dat
 TestData/cast128v.dat
 TestData/cast256v.dat
 TestData/defdmac1.bin
 TestData/defdmac2.bin
 TestData/descert.dat
 TestData/dh1024.dat
 TestData/dh2048.dat
@ -325,6 +438,12 @@ TestData/dlie2048.dat
 TestData/dsa1024.dat
 TestData/dsa1024b.dat
 TestData/dsa512.dat
 TestData/ecies_p160.dat
 TestData/ecies_t163.dat
 TestData/ed25519.dat
 TestData/ed25519_ver.dat
 TestData/ed25519v0.dat
 TestData/ed25519v1.dat
 TestData/elgc1024.dat
 TestData/esig1023.dat
 TestData/esig1536.dat
@ -360,6 +479,7 @@ TestData/rc6val.dat
 TestData/rijndael.dat
 TestData/rsa1024.dat
 TestData/rsa2048.dat
 TestData/rsa2048a.dat
 TestData/rsa400pb.dat
 TestData/rsa400pv.dat
 TestData/rsa512a.dat
@ -373,48 +493,122 @@ TestData/skipjack.dat
 TestData/squareva.dat
 TestData/twofishv.dat
 TestData/usage.dat
 TestData/x25519.dat
 TestData/x25519v0.dat
 TestData/x25519v1.dat
 TestData/xtrdh171.dat
 TestData/xtrdh342.dat
-TestVectors/Readme.txt
+TestVectors/aead.txt
 TestVectors/aes.txt
 TestVectors/all.txt
 TestVectors/aria.txt
 TestVectors/blake2.txt
 TestVectors/blake2b.txt
 TestVectors/blake2s.txt
 TestVectors/camellia.txt
 TestVectors/ccm.txt
 TestVectors/chacha.txt
 TestVectors/chacha_tls.txt
 TestVectors/chacha20poly1305.txt
 TestVectors/cham.txt
 TestVectors/cmac.txt
 TestVectors/dlies.txt
 TestVectors/dsa.txt
 TestVectors/dsa_1363.txt
 TestVectors/dsa_rfc6979.txt
 TestVectors/eax.txt
 TestVectors/esign.txt
 TestVectors/gcm.txt
 TestVectors/hc128.txt
 TestVectors/hc256.txt
 TestVectors/hight.txt
 TestVectors/hkdf.txt
 TestVectors/hmac.txt
 TestVectors/kalyna.txt
 TestVectors/keccak.txt
 TestVectors/lea.txt
 TestVectors/mars.txt
 TestVectors/nr.txt
 TestVectors/panama.txt
 TestVectors/poly1305aes.txt
 TestVectors/poly1305_tls.txt
 TestVectors/rabbit.txt
 TestVectors/Readme.txt
 TestVectors/rsa_oaep.txt
 TestVectors/rsa_pkcs1_1_5.txt
 TestVectors/rsa_pss.txt
 TestVectors/dsa_rfc6979.txt
 TestVectors/rw.txt
 TestVectors/salsa.txt
 TestVectors/seal.txt
 TestVectors/seed.txt
 TestVectors/sha.txt
-TestVectors/sha3_fips_202.txt
+TestVectors/sha1_160_fips_180.txt
 TestVectors/sha1_fips_180.txt
 TestVectors/sha2.txt
 TestVectors/sha2_224_fips_180.txt
 TestVectors/sha2_256_fips_180.txt
 TestVectors/sha2_384_fips_180.txt
 TestVectors/sha2_512_fips_180.txt
 TestVectors/sha2_fips_180.txt
 TestVectors/sha3.txt
 TestVectors/sha3_224_fips_202.txt
 TestVectors/sha3_256_fips_202.txt
 TestVectors/sha3_384_fips_202.txt
 TestVectors/sha3_512_fips_202.txt
 TestVectors/sha3_fips_202.txt
 TestVectors/shake.txt
 TestVectors/shacal2.txt
 TestVectors/simeck.txt
 TestVectors/simon.txt
 TestVectors/siphash.txt
 TestVectors/skipjack.txt
 TestVectors/sm3.txt
 TestVectors/sm4.txt
 TestVectors/sosemanuk.txt
 TestVectors/speck.txt
 TestVectors/tea.txt
 TestVectors/threefish.txt
 TestVectors/ttmac.txt
 TestVectors/vmac.txt
 TestVectors/wake.txt
 TestVectors/whrlpool.txt
 TestVectors/xchacha.txt
 TestPrograms/test_32bit.cxx
 TestPrograms/test_64bit.cxx
 TestPrograms/test_arm_acle.cxx
 TestPrograms/test_arm_aes.cxx
 TestPrograms/test_arm_asimd.cxx
 TestPrograms/test_arm_crc.cxx
 TestPrograms/test_arm_neon.cxx
 TestPrograms/test_arm_pmull.cxx
 TestPrograms/test_arm_sha1.cxx
 TestPrograms/test_arm_sha256.cxx
 TestPrograms/test_arm_sha512.cxx
 TestPrograms/test_arm_sha3.cxx
 TestPrograms/test_arm_sm3.cxx
 TestPrograms/test_arm_sm4.cxx
 TestPrograms/test_cxx.cxx
 TestPrograms/test_mixed_asm.cxx
 TestPrograms/test_newlib.cxx
 TestPrograms/test_ppc_aes.cxx
 TestPrograms/test_ppc_altivec.cxx
 TestPrograms/test_ppc_power7.cxx
 TestPrograms/test_ppc_power8.cxx
 TestPrograms/test_ppc_power9.cxx
 TestPrograms/test_ppc_sha.cxx
 TestPrograms/test_ppc_vmull.cxx
 TestPrograms/test_pthreads.cxx
 TestPrograms/test_x86_aes.cxx
 TestPrograms/test_x86_avx.cxx
 TestPrograms/test_x86_avx2.cxx
 TestPrograms/test_x86_avx512.cxx
 TestPrograms/test_x86_clmul.cxx
 TestPrograms/test_x86_cpuid.cxx
 TestPrograms/test_x86_rdrand.cxx
 TestPrograms/test_x86_rdseed.cxx
 TestPrograms/test_x86_sha.cxx
 TestPrograms/test_x86_sse2.cxx
 TestPrograms/test_x86_sse3.cxx
 TestPrograms/test_x86_sse41.cxx
 TestPrograms/test_x86_sse42.cxx
 TestPrograms/test_x86_ssse3.cxx
--- a/1607
+++ b/1607
--- a/826
+++ b/826
@ -1,8 +1,24 @@
-CXXFLAGS ?= -DNDEBUG -g2 -Os -fPIC -pipe
+# https://www.gnu.org/software/make/manual/make.html#Makefile-Conventions
 # and https://www.gnu.org/prep/standards/standards.html
-# The following options reduce code size, but breaks link or makes link very slow on some systems
+SHELL = /bin/sh
-# CXXFLAGS += -ffunction-sections -fdata-sections
+
-# LDFLAGS += -Wl,--gc-sections
+# If needed
 TMPDIR ?= /tmp
 # Used for ARMv7 and NEON.
 FP_ABI ?= hard
 # Used for feature tests
 TOUT ?= a.out
 TOUT := $(strip $(TOUT))
 # Allow override for the cryptest.exe recipe. Change to
 # ./libcryptopp.so or ./libcryptopp.dylib to suit your
 # taste. https://github.com/weidai11/cryptopp/issues/866
 LINK_LIBRARY ?= ./libcryptopp.a
 LINK_LIBRARY_PATH ?= ./
 # Default CXXFLAGS if none were provided
 CXXFLAGS ?= -DNDEBUG -g2 -O3 -fPIC -pipe
 AR ?= ar
 ARFLAGS ?= cr
@ -10,20 +26,45 @@ RANLIB ?= ranlib
 CP ?= cp
 MV ?= mv
 CHMOD ?= chmod
-MKDIR ?= mkdir
+MKDIR ?= mkdir -p
-EGREP ?= egrep
+GREP ?= grep
-LN ?= ln -sf
+SED ?= sed
-CLANG_COMPILER = $(shell $(CXX) --version 2>&1 | $(EGREP) -i -c "clang")
+LN ?= ln -sf
 LDCONF ?= /sbin/ldconfig -n
 IS_IOS ?= 0
 IS_ANDROID ?= 0
 IS_ARM_EMBEDDED ?= 0
 IS_NEON ?= 0
 # Yet another Clang hack. I think the LLVM devs are making the shit up
 # as they go. Also see https://github.com/weidai11/cryptopp/issues/831.
 MACHINEX := $(shell $(CXX) $(CXXFLAGS) -dumpmachine 2>/dev/null)
 ifeq ($(MACHINEX),armv8l-unknown-linux-gnueabihf)
  MACHINEX := armv7l-unknown-linux-gnueabihf
 endif
 HOSTX := $(shell echo $(MACHINEX) | cut -f 1 -d '-')
 ifeq ($(HOSTX),)
  HOSTX := $(shell uname -m 2>/dev/null)
 endif
 IS_LINUX := $(shell echo $(MACHINEX) | $(GREP) -i -c "Linux")
 # Can be used by Android and Embeeded cross-compiles. Disable by default because
 #   Android and embedded users typically don't run this configuration.
 HAS_SOLIB_VERSION ?= 0
 # Formely adhoc.cpp was created from adhoc.cpp.proto when needed.
 # This is now needed because ISA tests are performed using adhoc.cpp.
 ifeq ($(wildcard adhoc.cpp),)
 $(shell cp adhoc.cpp.proto adhoc.cpp)
 endif
 ###########################################################
 #####                General Variables                #####
 ###########################################################
 # Default prefix for make install
 ifeq ($(PREFIX),)
 PREFIX = /usr/local
@ -55,34 +96,52 @@ ifneq ($(CLANG_COMPILER),0)
  CXXFLAGS += -Wall
 endif
 ###########################################################
 #####                       iOS                       #####
 ###########################################################
 # iOS cross-compile configuration.
 #   See http://www.cryptopp.com/wiki/iOS_(Command_Line).
 ifeq ($(IS_IOS),1)
  CXX = clang++
  CXXFLAGS += $(IOS_FLAGS) -arch $(IOS_ARCH)
-  CXXFLAGS += -isysroot $(IOS_SYSROOT) -stdlib=libc++
+  CXXFLAGS += -isysroot "$(IOS_SYSROOT)" -stdlib=libc++
  AR = libtool
  ARFLAGS = -static -o
  RANLIB = ranlib
 endif
 ###########################################################
 #####                     Android                     #####
 ###########################################################
 # Android cross-compile configuration.
 #   See http://www.cryptopp.com/wiki/Android_(Command_Line).
 ifeq ($(IS_ANDROID),1)
  # CPP, CXX, AR, RANLIB, LD, etc are set in 'setenv-android.sh'
  CXXFLAGS += $(AOSP_FLAGS) -DANDROID --sysroot=$(AOSP_SYSROOT)
-  CXXFLAGS += -Wa,--noexecstack -I$(AOSP_STL_INC)
+  CXXFLAGS += -Wa,--noexecstack -I$(AOSP_STL_INC) -I$(AOSP_SYS_ARCH_INC)
  LDFLAGS += --sysroot=$(AOSP_LD_SYSROOT)
  # c++config.h shows up in odd places at times.
  ifneq ($(AOSP_BITS_INC),)
    CXXFLAGS += -I$(AOSP_BITS_INC)
  endif
  # STL headers
  LDLIBS += $(AOSP_STL_LIB)
  # Source files copied into PWD for Android cpu-features
  # setenv-android.sh does the copying. Its a dirty compile.
  AOSP_CPU_OBJ = cpu-features.o
 endif
 ###########################################################
 #####                    Embedded                     #####
 ###########################################################
 # ARM embedded cross-compile configuration.
 #   See http://www.cryptopp.com/wiki/ARM_Embedded_(Command_Line)
 #   and http://www.cryptopp.com/wiki/ARM_Embedded_(Bare Metal).
@ -91,6 +150,437 @@ ifeq ($(IS_ARM_EMBEDDED),1)
  CXXFLAGS += $(ARM_EMBEDDED_FLAGS) --sysroot=$(ARM_EMBEDDED_SYSROOT)
 endif
 ###########################################################
 #####              Compiler and Platform              #####
 ###########################################################
 # Wait until CXXFLAGS have been set by setenv scripts.
 GCC_COMPILER := $(shell $(CXX) --version 2>/dev/null | $(GREP) -v -E 'llvm|clang' | $(GREP) -i -c -E '(gcc|g\+\+)')
 CLANG_COMPILER := $(shell $(CXX) --version 2>/dev/null | $(GREP) -i -c -E 'llvm|clang')
 HOSTX := $(shell $(CXX) $(CXXFLAGS) -dumpmachine 2>/dev/null | cut -f 1 -d '-')
 ifeq ($(HOSTX),)
  HOSTX := $(shell uname -m 2>/dev/null)
 endif
 # This dance is because Clang reports the host architecture instead
 # of the target architecture. Running Clang on an x86_64 machine with
 # -arch arm64 yields x86_64 instead of aarch64 or arm64.
 ifeq ($(CLANG_COMPILER),1)
  IS_X86 := $(shell echo $(CXXFLAGS) | $(GREP) -v 64 | $(GREP) -i -c -E 'i.86')
  IS_X64 := $(shell echo $(CXXFLAGS) | $(GREP) -i -c -E 'x86_64|amd64')
  IS_ARM32 := $(shell echo $(CXXFLAGS) | $(GREP) -v 64 | $(GREP) -i -c -E 'arm|armhf|arm7l|eabihf')
  IS_ARMV8 := $(shell echo $(CXXFLAGS) | $(GREP) -i -c -E 'aarch32|aarch64|arm64|armv8')
 else
  IS_X86 := $(shell echo $(HOSTX) | $(GREP) -v 64 | $(GREP) -i -c -E 'i.86')
  IS_X64 := $(shell echo $(HOSTX) | $(GREP) -i -c -E 'x86_64|amd64')
  IS_ARM32 := $(shell echo $(HOSTX) | $(GREP) -v 64 | $(GREP) -i -c -E 'arm|armhf|arm7l|eabihf')
  IS_ARMV8 := $(shell echo $(HOSTX) | $(GREP) -i -c -E 'aarch32|aarch64|arm64|armv8')
 endif
 $(info Here's what we found... IS_X86: $(IS_X86), IS_X64: $(IS_X64), IS_ARM32: $(IS_ARM32), IS_ARMV8: $(IS_ARMV8))
 ###########################################################
 #####                  Test Program                   #####
 ###########################################################
 # Hack to skip CPU feature tests for some recipes
 DETECT_FEATURES ?= 1
 ifeq ($(findstring -DCRYPTOPP_DISABLE_ASM,$(CXXFLAGS)),-DCRYPTOPP_DISABLE_ASM)
  DETECT_FEATURES := 0
 else ifeq ($(findstring clean,$(MAKECMDGOALS)),clean)
  DETECT_FEATURES := 0
 else ifeq ($(findstring distclean,$(MAKECMDGOALS)),distclean)
  DETECT_FEATURES := 0
 else ifeq ($(findstring distclean,$(MAKECMDGOALS)),trim)
  DETECT_FEATURES := 0
 endif
 # Strip out -Wall, -Wextra and friends for feature testing. FORTIFY_SOURCE is removed
 # because it requires -O1 or higher, but we use -O0 to tame the optimizer.
 ifeq ($(DETECT_FEATURES),1)
  TCXXFLAGS := $(filter-out -D_FORTIFY_SOURCE=% -Wall -Wextra -Werror% -Wunused -Wconversion -Wp%, $(CXXFLAGS))
  ifneq ($(strip $(TCXXFLAGS)),)
    $(info Using testing flags: $(TCXXFLAGS))
  endif
  #TPROG = TestPrograms/test_cxx.cxx
  #$(info Testing compile... )
  #$(info $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 1>/dev/null))
 endif
 # For the previous messages
 $(info )
 ###########################################################
 #####               X86/X32/X64 Options               #####
 ###########################################################
 ifneq ($(IS_X86)$(IS_X64),00)
 ifeq ($(DETECT_FEATURES),1)
  SSE2_FLAG = -msse2
  SSE3_FLAG = -msse3
  SSSE3_FLAG = -mssse3
  SSE41_FLAG = -msse4.1
  SSE42_FLAG = -msse4.2
  CLMUL_FLAG = -mpclmul
  AESNI_FLAG = -maes
  AVX_FLAG = -mavx
  AVX2_FLAG = -mavx2
  SHANI_FLAG = -msha
  TPROG = TestPrograms/test_x86_sse2.cxx
  TOPT = $(SSE2_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    CHACHA_FLAG = $(SSE2_FLAG)
  else
    SSE2_FLAG =
  endif
  TPROG = TestPrograms/test_x86_ssse3.cxx
  TOPT = $(SSSE3_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    ARIA_FLAG = $(SSSE3_FLAG)
    CHAM_FLAG = $(SSSE3_FLAG)
    LEA_FLAG = $(SSSE3_FLAG)
    SIMECK_FLAG = $(SSSE3_FLAG)
    SIMON128_FLAG = $(SSSE3_FLAG)
    SPECK128_FLAG = $(SSSE3_FLAG)
  else
    SSSE3_FLAG =
  endif
  TPROG = TestPrograms/test_x86_sse41.cxx
  TOPT = $(SSE41_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    BLAKE2B_FLAG = $(SSE41_FLAG)
    BLAKE2S_FLAG = $(SSE41_FLAG)
    SIMON64_FLAG = $(SSE41_FLAG)
    SPECK64_FLAG = $(SSE41_FLAG)
  else
    SSE41_FLAG =
  endif
  TPROG = TestPrograms/test_x86_sse42.cxx
  TOPT = $(SSE42_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    CRC_FLAG = $(SSE42_FLAG)
  else
    SSE42_FLAG =
  endif
  TPROG = TestPrograms/test_x86_clmul.cxx
  TOPT = $(CLMUL_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    GCM_FLAG = $(SSSE3_FLAG) $(CLMUL_FLAG)
  else
    CLMUL_FLAG =
  endif
  TPROG = TestPrograms/test_x86_aes.cxx
  TOPT = $(AESNI_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    AES_FLAG = $(SSE41_FLAG) $(AESNI_FLAG)
    SM4_FLAG = $(SSSE3_FLAG) $(AESNI_FLAG)
  else
    AESNI_FLAG =
  endif
  TPROG = TestPrograms/test_x86_avx.cxx
  TOPT = $(AVX_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    # XXX_FLAG = $(AVX_FLAG)
  else
    AVX_FLAG =
  endif
  TPROG = TestPrograms/test_x86_avx2.cxx
  TOPT = $(AVX2_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    CHACHA_AVX2_FLAG = $(AVX2_FLAG)
  else
    AVX2_FLAG =
  endif
  TPROG = TestPrograms/test_x86_sha.cxx
  TOPT = $(SHANI_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    SHA_FLAG = $(SSE42_FLAG) $(SHANI_FLAG)
  else
    SHANI_FLAG =
  endif
  ifeq ($(SSE2_FLAG),)
    CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
  else ifeq ($(SSE3_FLAG),)
    CXXFLAGS += -DCRYPTOPP_DISABLE_SSE3
  else ifeq ($(SSSE3_FLAG),)
    CXXFLAGS += -DCRYPTOPP_DISABLE_SSSE3
  else ifeq ($(SSE41_FLAG),)
    CXXFLAGS += -DCRYPTOPP_DISABLE_SSE4
  else ifeq ($(SSE42_FLAG),)
    CXXFLAGS += -DCRYPTOPP_DISABLE_SSE4
  endif
  ifneq ($(SSE42_FLAG),)
    # Unusual GCC/Clang on Macports. It assembles AES, but not CLMUL.
    # test_x86_clmul.s:15: no such instruction: 'pclmulqdq $0, %xmm1,%xmm0'
    ifeq ($(CLMUL_FLAG),)
      CXXFLAGS += -DCRYPTOPP_DISABLE_CLMUL
    endif
    ifeq ($(AESNI_FLAG),)
      CXXFLAGS += -DCRYPTOPP_DISABLE_AESNI
    endif
    ifeq ($(AVX_FLAG),)
      CXXFLAGS += -DCRYPTOPP_DISABLE_AVX
    else ifeq ($(AVX2_FLAG),)
      CXXFLAGS += -DCRYPTOPP_DISABLE_AVX2
    else ifeq ($(SHANI_FLAG),)
      CXXFLAGS += -DCRYPTOPP_DISABLE_SHANI
    endif
  endif
  # Drop to SSE2 if available
  ifeq ($(GCM_FLAG),)
    ifneq ($(SSE2_FLAG),)
      GCM_FLAG = $(SSE2_FLAG)
    endif
  endif
 # DETECT_FEATURES
 endif
 # IS_X86, IS_X32 and IS_X64
 endif
 ###########################################################
 #####            ARM A-32, Aach64 and NEON            #####
 ###########################################################
 ifneq ($(IS_ARM32)$(IS_ARMV8),00)
 ifeq ($(DETECT_FEATURES),1)
 ifeq ($(IS_ARM32),1)
  ifneq ($(IS_IOS)$(IS_ANDROID),00)
    NEON_FLAG =
  else
    NEON_FLAG = -march=armv7-a -mfloat-abi=$(FP_ABI) -mfpu=neon
  endif
  TPROG = TestPrograms/test_arm_neon.cxx
  TOPT = $(NEON_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    ARIA_FLAG = $(NEON_FLAG)
    AES_FLAG = $(NEON_FLAG)
    CRC_FLAG = $(NEON_FLAG)
    GCM_FLAG = $(NEON_FLAG)
    BLAKE2B_FLAG = $(NEON_FLAG)
    BLAKE2S_FLAG = $(NEON_FLAG)
    CHACHA_FLAG = $(NEON_FLAG)
    CHAM_FLAG = $(NEON_FLAG)
    LEA_FLAG = $(NEON_FLAG)
    SHA_FLAG = $(NEON_FLAG)
    SIMECK_FLAG = $(NEON_FLAG)
    SIMON64_FLAG = $(NEON_FLAG)
    SIMON128_FLAG = $(NEON_FLAG)
    SPECK64_FLAG = $(NEON_FLAG)
    SPECK128_FLAG = $(NEON_FLAG)
    SM4_FLAG = $(NEON_FLAG)
  else
    NEON_FLAG =
    CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
  endif
 # IS_ARM32
 endif
 ifeq ($(IS_ARMV8),1)
  ifeq ($(IS_IOS),1)
    ASIMD_FLAG =
    CRC_FLAG =
    AES_FLAG =
    PMUL_FLAG =
    SHA_FLAG =
  else
    ASIMD_FLAG = -march=armv8-a
    CRC_FLAG = -march=armv8-a+crc
    AES_FLAG = -march=armv8-a+crypto
    PMULL_FLAG = -march=armv8-a+crypto
    SHA_FLAG = -march=armv8-a+crypto
  endif
  TPROG = TestPrograms/test_arm_acle.cxx
  TOPT = $(ASIMD_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    ACLE_FLAG += -DCRYPTOPP_ARM_ACLE_AVAILABLE=1
  else
    CXXFLAGS += -DCRYPTOPP_ARM_ACLE_AVAILABLE=0
  endif
  TPROG = TestPrograms/test_arm_asimd.cxx
  TOPT = $(ASIMD_FLAG)
  HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
  ifeq ($(strip $(HAVE_OPT)),0)
    ARIA_FLAG = $(ASIMD_FLAG)
    BLAKE2B_FLAG = $(ASIMD_FLAG)
    BLAKE2S_FLAG = $(ASIMD_FLAG)
    CHACHA_FLAG = $(ASIMD_FLAG)
    CHAM_FLAG = $(ASIMD_FLAG)
    LEA_FLAG = $(ASIMD_FLAG)
    NEON_FLAG = $(ASIMD_FLAG)
    SIMECK_FLAG = $(ASIMD_FLAG)
    SIMON64_FLAG = $(ASIMD_FLAG)
    SIMON128_FLAG = $(ASIMD_FLAG)
    SPECK64_FLAG = $(ASIMD_FLAG)
    SPECK128_FLAG = $(ASIMD_FLAG)
    SM4_FLAG = $(ASIMD_FLAG)
  else
    ASIMD_FLAG =
    CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
  endif
    TPROG = TestPrograms/test_arm_crc.cxx
    TOPT = $(CRC_FLAG)
    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
    ifneq ($(strip $(HAVE_OPT)),0)
      CRC_FLAG =
      CXXFLAGS += -DCRYPTOPP_ARM_CRC32_AVAILABLE=0
    endif
    TPROG = TestPrograms/test_arm_aes.cxx
    TOPT = $(AES_FLAG)
    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
    ifneq ($(strip $(HAVE_OPT)),0)
      AES_FLAG =
      CXXFLAGS += -DCRYPTOPP_ARM_AES_AVAILABLE=0
    endif
    TPROG = TestPrograms/test_arm_pmull.cxx
    TOPT = $(PMULL_FLAG)
    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
    ifneq ($(strip $(HAVE_OPT)),0)
      PMULL_FLAG =
      CXXFLAGS += -DCRYPTOPP_ARM_PMULL_AVAILABLE=0
    endif
    TPROG = TestPrograms/test_arm_sha1.cxx
    TOPT = $(SHA_FLAG)
    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
    ifneq ($(strip $(HAVE_OPT)),0)
      SHA_FLAG =
      CXXFLAGS += -DCRYPTOPP_ARM_SHA_AVAILABLE=0
    endif
    TPROG = TestPrograms/test_arm_sm3.cxx
    TOPT = -march=armv8.4-a+crypto
    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
    ifeq ($(strip $(HAVE_OPT)),0)
      SM3_FLAG = -march=armv8.4-a+crypto
      SM4_FLAG = -march=armv8.4-a+crypto
    endif
    TPROG = TestPrograms/test_arm_sha3.cxx
    TOPT = -march=armv8.4-a+crypto
    HAVE_OPT = $(shell $(CXX) $(TCXXFLAGS) $(ACLE_FLAG) $(ZOPT) $(TOPT) $(TPROG) -o $(TOUT) 2>&1 | tr ' ' '\n' | wc -l)
    ifeq ($(strip $(HAVE_OPT)),0)
      SHA3_FLAG = -march=armv8.4-a+crypto
      SHA512_FLAG = -march=armv8.4-a+crypto
    endif
 # IS_ARMV8
 endif
 # DETECT_FEATURES
 endif
 # IS_ARM32, IS_ARMV8, IS_NEON
 endif
 ###########################################################
 #####                      Common                     #####
 ###########################################################
 # No ASM for Travis testing
 ifeq ($(findstring no-asm,$(MAKECMDGOALS)),no-asm)
  ifeq ($(findstring -DCRYPTOPP_DISABLE_ASM,$(CXXFLAGS)),)
    CXXFLAGS += -DCRYPTOPP_DISABLE_ASM
  endif # CXXFLAGS
 endif # No ASM
 # Undefined Behavior Sanitizer (UBsan) testing. Issue 'make ubsan'.
 ifeq ($(findstring ubsan,$(MAKECMDGOALS)),ubsan)
  ifeq ($(findstring -fsanitize=undefined,$(CXXFLAGS)),)
    CXXFLAGS += -fsanitize=undefined
  endif # CXXFLAGS
  ifeq ($(findstring -DCRYPTOPP_COVERAGE,$(CXXFLAGS)),)
    CXXFLAGS += -DCRYPTOPP_COVERAGE
  endif # CXXFLAGS
 endif # UBsan
 # Address Sanitizer (Asan) testing. Issue 'make asan'.
 ifeq ($(findstring asan,$(MAKECMDGOALS)),asan)
  ifeq ($(findstring -fsanitize=address,$(CXXFLAGS)),)
    CXXFLAGS += -fsanitize=address
  endif # CXXFLAGS
  ifeq ($(findstring -DCRYPTOPP_COVERAGE,$(CXXFLAGS)),)
    CXXFLAGS += -DCRYPTOPP_COVERAGE
  endif # CXXFLAGS
  ifeq ($(findstring -fno-omit-frame-pointer,$(CXXFLAGS)),)
    CXXFLAGS += -fno-omit-frame-pointer
  endif # CXXFLAGS
 endif # Asan
 # LD gold linker testing. Triggered by 'LD=ld.gold'.
 ifeq ($(findstring ld.gold,$(LD)),ld.gold)
  ifeq ($(findstring -fuse-ld=gold,$(CXXFLAGS)),)
    ELF_FORMAT := $(shell file `which ld.gold` 2>&1 | cut -d":" -f 2 | $(GREP) -i -c "elf")
    ifneq ($(ELF_FORMAT),0)
      LDFLAGS += -fuse-ld=gold
    endif # ELF/ELF64
  endif # CXXFLAGS
 endif # Gold
 # Valgrind testing. Issue 'make valgrind'.
 ifneq ($(filter valgrind,$(MAKECMDGOALS)),)
  # Tune flags; see http://valgrind.org/docs/manual/quick-start.html
  CXXFLAGS := $(CXXFLAGS:-g%=-g3)
  CXXFLAGS := $(CXXFLAGS:-O%=-O1)
  CXXFLAGS := $(CXXFLAGS:-xO%=-xO1)
  ifeq ($(findstring -DCRYPTOPP_COVERAGE,$(CXXFLAGS)),)
    CXXFLAGS += -DCRYPTOPP_COVERAGE
  endif # -DCRYPTOPP_COVERAGE
 endif # Valgrind
 # Debug testing on GNU systems. Triggered by -DDEBUG.
 #   Newlib test due to http://sourceware.org/bugzilla/show_bug.cgi?id=20268
 ifneq ($(filter -DDEBUG -DDEBUG=1,$(CXXFLAGS)),)
  USING_GLIBCXX := $(shell $(CXX) $(CXXFLAGS) -E pch.cpp 2>&1 | $(GREP) -i -c "__GLIBCXX__")
  ifneq ($(USING_GLIBCXX),0)
    ifeq ($(HAS_NEWLIB),0)
      ifeq ($(findstring -D_GLIBCXX_DEBUG,$(CXXFLAGS)),)
        CXXFLAGS += -D_GLIBCXX_DEBUG
      endif # CXXFLAGS
    endif # HAS_NEWLIB
  endif # USING_GLIBCXX
 endif # GNU Debug build
 # Dead code stripping. Issue 'make lean'.
 ifeq ($(findstring lean,$(MAKECMDGOALS)),lean)
  ifeq ($(findstring -ffunction-sections,$(CXXFLAGS)),)
@ -99,7 +589,7 @@ ifeq ($(findstring lean,$(MAKECMDGOALS)),lean)
  ifeq ($(findstring -fdata-sections,$(CXXFLAGS)),)
    CXXFLAGS += -fdata-sections
  endif # CXXFLAGS
-  ifeq ($(IS_IOS),1)
+  ifneq ($(IS_IOS),0)
    ifeq ($(findstring -Wl,-dead_strip,$(LDFLAGS)),)
      LDFLAGS += -Wl,-dead_strip
    endif # CXXFLAGS
@ -110,19 +600,43 @@ ifeq ($(findstring lean,$(MAKECMDGOALS)),lean)
  endif # MAKECMDGOALS
 endif # Dead code stripping
-# List cryptlib.cpp first and cpu.cpp second in an attempt to tame C++ static initialization problems.
+###########################################################
-#  The issue spills into POD data types of cpu.cpp due to the storage class of the bools, so cpu.cpp
+#####              Source and object files            #####
-#  is the second candidate for explicit initialization order.
+###########################################################
 SRCS := cryptlib.cpp cpu.cpp integer.cpp $(filter-out cryptlib.cpp cpu.cpp integer.cpp pch.cpp simple.cpp winpipes.cpp cryptlib_bds.cpp,$(wildcard *.cpp))
 OBJS := $(SRCS:.cpp=.o)
-# test.o needs to be after bench.o for cygwin 1.1.4 (possible ld bug?)
+# List cryptlib.cpp first, then cpu.cpp, then integer.cpp to tame C++ static initialization problems.
-TESTSRCS := bench1.cpp bench2.cpp test.cpp validat1.cpp validat2.cpp validat3.cpp adhoc.cpp datatest.cpp regtest.cpp fipsalgt.cpp dlltest.cpp
+SRCS := cryptlib.cpp cpu.cpp integer.cpp $(filter-out cryptlib.cpp cpu.cpp integer.cpp pch.cpp simple.cpp cryptlib_bds.cpp,$(sort $(wildcard *.cpp)))
 # For Makefile.am; resource.h is Windows
 INCL := $(filter-out resource.h,$(sort $(wildcard *.h)))
 # Cryptogams source files. We couple to ARMv7.
 # Limit to Linux. The source files target the GNU assembler.
 # Also see https://www.cryptopp.com/wiki/Cryptogams.
 ifeq ($(IS_ARM32)$(IS_LINUX),11)
  ifeq ($(CLANG_COMPILER),1)
    CRYPTOGAMS_ARMV7_FLAG = -march=armv7-a -Wa,--noexecstack
    CRYPTOGAMS_ARMV7_THUMB_FLAG = -march=armv7-a -mthumb -Wa,--noexecstack
  else
    CRYPTOGAMS_ARMV7_FLAG = -march=armv7-a -Wa,--noexecstack
    CRYPTOGAMS_ARMV7_THUMB_FLAG = -march=armv7-a -Wa,--noexecstack
  endif
  SRCS += aes_armv4.S sha1_armv4.S sha256_armv4.S sha512_armv4.S
 endif
 # List cryptlib.cpp first, then cpu.cpp, then integer.cpp to tame C++ static initialization problems.
 OBJS := $(SRCS:.cpp=.o)
 OBJS := $(OBJS:.S=.o)
 # List test.cpp first to tame C++ static initialization problems.
 TESTSRCS := adhoc.cpp test.cpp bench1.cpp bench2.cpp bench3.cpp datatest.cpp dlltest.cpp fipsalgt.cpp validat0.cpp validat1.cpp validat2.cpp validat3.cpp validat4.cpp validat5.cpp validat6.cpp validat7.cpp validat8.cpp validat9.cpp validat10.cpp regtest1.cpp regtest2.cpp regtest3.cpp regtest4.cpp
 TESTINCL := bench.h factory.h validate.h
 # Test objects
 TESTOBJS := $(TESTSRCS:.cpp=.o)
 LIBOBJS := $(filter-out $(TESTOBJS),$(OBJS))
 # For Shared Objects, Diff, Dist/Zip rules
-LIB_VER := $(shell $(EGREP) "define CRYPTOPP_VERSION" config.h | cut -d" " -f 3)
+LIB_VER := $(shell $(GREP) "define CRYPTOPP_VERSION" config_ver.h | cut -d" " -f 3)
 LIB_MAJOR := $(shell echo $(LIB_VER) | cut -c 1)
 LIB_MINOR := $(shell echo $(LIB_VER) | cut -c 2)
 LIB_PATCH := $(shell echo $(LIB_VER) | cut -c 3)
@ -134,13 +648,21 @@ endif
 ifeq ($(HAS_SOLIB_VERSION),1)
 # Full version suffix for shared library
 SOLIB_VERSION_SUFFIX=.$(LIB_MAJOR).$(LIB_MINOR).$(LIB_PATCH)
-# Different patchlevels are compatible, minor versions are not
+# Different patchlevels and minors are compatible since 6.1
-SOLIB_COMPAT_SUFFIX=.$(LIB_MAJOR).$(LIB_MINOR)
+SOLIB_COMPAT_SUFFIX=.$(LIB_MAJOR)
 SOLIB_FLAGS=-Wl,-soname,libcryptopp.so$(SOLIB_COMPAT_SUFFIX)
 endif # HAS_SOLIB_VERSION
-.PHONY: all
+###########################################################
-all: cryptest.exe
+#####                Targets and Recipes              #####
 ###########################################################
 # Default builds program with static library only
 .PHONY: default
 default: cryptest.exe
 .PHONY: all static dynamic
 all: static dynamic cryptest.exe
 ifneq ($(IS_IOS),0)
 static: libcryptopp.a
@ -150,7 +672,8 @@ static: libcryptopp.a
 shared dynamic: libcryptopp.so$(SOLIB_VERSION_SUFFIX)
 endif
-test: cryptest.exe
+.PHONY: test check
 test check: cryptest.exe
 	./cryptest.exe v
 # CXXFLAGS are tuned earlier. Applications must use linker flags
@ -160,68 +683,99 @@ lean: static dynamic cryptest.exe
 .PHONY: clean
 clean:
-	-$(RM) cryptest.exe libcryptopp.a libcryptopp.so$(SOLIB_VERSION_SUFFIX) libcryptopp.dylib
+	-$(RM) adhoc.cpp.o adhoc.cpp.proto.o $(LIBOBJS) $(AOSP_CPU_OBJ) rdrand-*.o $(TESTOBJS) $(DLLOBJS) $(LIBIMPORTOBJS) $(TESTIMPORTOBJS) $(DLLTESTOBJS)
-ifeq ($(HAS_SOLIB_VERSION),1)
+	@-$(RM) libcryptopp.a libcryptopp.dylib cryptopp.dll libcryptopp.dll.a libcryptopp.import.a
-	-$(RM) libcryptopp.so libcryptopp.so$(SOLIB_COMPAT_SUFFIX)
+	@-$(RM) libcryptopp.so libcryptopp.so$(SOLIB_COMPAT_SUFFIX) libcryptopp.so$(SOLIB_VERSION_SUFFIX)
-endif
+	@-$(RM) cryptest.exe dlltest.exe cryptest.import.exe cryptest.info ct et
-	-$(RM) adhoc.cpp.o adhoc.cpp.proto.o $(LIBOBJS) $(TESTOBJS)
+	@-$(RM) *.la *.lo *.gcov *.gcno *.gcda *.stackdump core core-*
-ifneq ($(wildcard *.exe.dSYM),)
+	@-$(RM) /tmp/adhoc.exe
-	-$(RM) -r *.exe.dSYM/
+	@-$(RM) -r /tmp/cryptopp_test/
-endif
+	@-$(RM) -r *.exe.dSYM/
-ifneq ($(wildcard *.dylib.dSYM),)
+	@-$(RM) -r *.dylib.dSYM/
-	-$(RM) -r *.dylib.dSYM/
+	@-$(RM) -r cov-int/
-endif
+
 .PHONY: autotools-clean
 autotools-clean:
 	@-$(RM) -f configure.ac configure configure.in Makefile.am Makefile.in Makefile
 	@-$(RM) -f config.guess config.status config.sub config.h.in compile depcomp
 	@-$(RM) -f install-sh stamp-h1 ar-lib *.lo *.la *.m4 local.* lt*.sh missing
 	@-$(RM) -f cryptest cryptestcwd libtool* libcryptopp.la libcryptopp.pc*
 	@-$(RM) -rf m4/ auto*.cache/ .deps/ .libs/
 .PHONY: cmake-clean
 cmake-clean:
 	@-$(RM) -f cryptopp-config.cmake CMakeLists.txt
 	@-$(RM) -rf cmake_build/
 .PHONY: distclean
-distclean: clean
+distclean: clean autotools-clean cmake-clean
-	-$(RM) adhoc.cpp adhoc.cpp.copied GNUmakefile.deps cryptopp.tgz *.o *.ii *.s
+	-$(RM) adhoc.cpp adhoc.cpp.copied GNUmakefile.deps benchmarks.html cryptest.txt
 	@-$(RM) cryptest-*.txt cryptopp.tgz libcryptopp.pc *.o *.bc *.ii *~
 	@-$(RM) -r cryptlib.lib cryptest.exe *.suo *.sdf *.pdb Win32/ x64/ ipch/
 	@-$(RM) -r $(LIBOBJS:.o=.obj) $(TESTOBJS:.o=.obj)
 	@-$(RM) -r $(LIBOBJS:.o=.lst) $(TESTOBJS:.o=.lst)
 	@-$(RM) -r TestCoverage/ ref*/
 	@-$(RM) cryptopp$(LIB_VER)\.* CryptoPPRef.zip
 # Install cryptest.exe, libcryptopp.a and libcryptopp.so.
 # The library install was broken-out into its own recipe at GH #653.
 .PHONY: install
-install:
+install: cryptest.exe install-lib
-	$(MKDIR) -p $(DESTDIR)$(INCLUDEDIR)/cryptopp
+	@-$(MKDIR) $(DESTDIR)$(BINDIR)
 	$(CP) *.h $(DESTDIR)$(INCLUDEDIR)/cryptopp
 	-$(CHMOD) 755 $(DESTDIR)$(INCLUDEDIR)/cryptopp
 	-$(CHMOD) 644 $(DESTDIR)$(INCLUDEDIR)/cryptopp/*.h
 ifneq ($(wildcard cryptest.exe),)
 	$(MKDIR) -p $(DESTDIR)$(BINDIR)
 	$(CP) cryptest.exe $(DESTDIR)$(BINDIR)
-	-$(CHMOD) 755 $(DESTDIR)$(BINDIR)/cryptest.exe
+	$(CHMOD) 0755 $(DESTDIR)$(BINDIR)/cryptest.exe
-endif
+	@-$(MKDIR) $(DESTDIR)$(DATADIR)/cryptopp/TestData
 	@-$(MKDIR) $(DESTDIR)$(DATADIR)/cryptopp/TestVectors
 	$(CP) TestData/*.dat $(DESTDIR)$(DATADIR)/cryptopp/TestData
 	$(CHMOD) 0644 $(DESTDIR)$(DATADIR)/cryptopp/TestData/*.dat
 	$(CP) TestVectors/*.txt $(DESTDIR)$(DATADIR)/cryptopp/TestVectors
 	$(CHMOD) 0644 $(DESTDIR)$(DATADIR)/cryptopp/TestVectors/*.txt
 # A recipe to install only the library, and not cryptest.exe. Also
 # see https://github.com/weidai11/cryptopp/issues/653.
 .PHONY: install-lib
 install-lib:
 	@-$(MKDIR) $(DESTDIR)$(INCLUDEDIR)/cryptopp
 	$(CP) *.h $(DESTDIR)$(INCLUDEDIR)/cryptopp
 	$(CHMOD) 0644 $(DESTDIR)$(INCLUDEDIR)/cryptopp/*.h
 ifneq ($(wildcard libcryptopp.a),)
-	$(MKDIR) -p $(DESTDIR)$(LIBDIR)
+	@-$(MKDIR) $(DESTDIR)$(LIBDIR)
 	$(CP) libcryptopp.a $(DESTDIR)$(LIBDIR)
-	-$(CHMOD) 644 $(DESTDIR)$(LIBDIR)/libcryptopp.a
+	$(CHMOD) 0644 $(DESTDIR)$(LIBDIR)/libcryptopp.a
 endif
 ifneq ($(wildcard libcryptopp.dylib),)
-	$(MKDIR) -p $(DESTDIR)$(LIBDIR)
+	@-$(MKDIR) $(DESTDIR)$(LIBDIR)
 	$(CP) libcryptopp.dylib $(DESTDIR)$(LIBDIR)
-	-$(CHMOD) 755 $(DESTDIR)$(LIBDIR)/libcryptopp.dylib
+	$(CHMOD) 0755 $(DESTDIR)$(LIBDIR)/libcryptopp.dylib
 	-install_name_tool -id $(DESTDIR)$(LIBDIR)/libcryptopp.dylib $(DESTDIR)$(LIBDIR)/libcryptopp.dylib
 endif
 ifneq ($(wildcard libcryptopp.so$(SOLIB_VERSION_SUFFIX)),)
-	$(CP) libcryptopp.so $(DESTDIR)$(LIBDIR)
+	@-$(MKDIR) $(DESTDIR)$(LIBDIR)
-	-$(CHMOD) 755 $(DESTDIR)$(LIBDIR)/libcryptopp.so$(SOLIB_VERSION_SUFFIX)
+	$(CP) libcryptopp.so$(SOLIB_VERSION_SUFFIX) $(DESTDIR)$(LIBDIR)
 	$(CHMOD) 0755 $(DESTDIR)$(LIBDIR)/libcryptopp.so$(SOLIB_VERSION_SUFFIX)
 ifeq ($(HAS_SOLIB_VERSION),1)
-	-$(LN) -sf libcryptopp.so$(SOLIB_VERSION_SUFFIX) $(DESTDIR)$(LIBDIR)/libcryptopp.so
+	-$(LN) libcryptopp.so$(SOLIB_VERSION_SUFFIX) $(DESTDIR)$(LIBDIR)/libcryptopp.so
 	$(LDCONF) $(DESTDIR)$(LIBDIR)
 endif
 endif
 ifneq ($(wildcard libcryptopp.pc),)
 	@-$(MKDIR) $(DESTDIR)$(LIBDIR)/pkgconfig
 	$(CP) libcryptopp.pc $(DESTDIR)$(LIBDIR)/pkgconfig
 	$(CHMOD) 0644 $(DESTDIR)$(LIBDIR)/pkgconfig/libcryptopp.pc
 endif
 .PHONY: remove uninstall
 remove uninstall:
 	-$(RM) -r $(DESTDIR)$(INCLUDEDIR)/cryptopp
 	-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.a
 	-$(RM) $(DESTDIR)$(BINDIR)/cryptest.exe
-ifneq ($(IS_IOS),0)
+	@-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.dylib
-	-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.dylib
+	@-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.so$(SOLIB_VERSION_SUFFIX)
-else
+	@-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.so$(SOLIB_COMPAT_SUFFIX)
-	-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.so$(SOLIB_VERSION_SUFFIX)
+	@-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.so
 ifeq ($(HAS_SOLIB_VERSION),1)
 	-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.so$(SOLIB_COMPAT_SUFFIX)
 	-$(RM) $(DESTDIR)$(LIBDIR)/libcryptopp.so
 endif
 endif
-libcryptopp.a: $(LIBOBJS)
+libcryptopp.a: $(LIBOBJS) $(AOSP_CPU_OBJ)
-	$(AR) $(ARFLAGS) $@ $(LIBOBJS)
+	$(AR) $(ARFLAGS) $@ $(LIBOBJS) $(AOSP_CPU_OBJ)
 	$(RANLIB) $@
 ifeq ($(HAS_SOLIB_VERSION),1)
@ -229,25 +783,33 @@ ifeq ($(HAS_SOLIB_VERSION),1)
 libcryptopp.so: libcryptopp.so$(SOLIB_VERSION_SUFFIX)
 endif
-libcryptopp.so$(SOLIB_VERSION_SUFFIX): $(LIBOBJS)
+libcryptopp.so$(SOLIB_VERSION_SUFFIX): $(LIBOBJS) $(AOSP_CPU_OBJ)
-	$(CXX) -shared $(SOLIB_FLAGS) -o $@ $(CXXFLAGS) -Wl,--exclude-libs,ALL $(LIBOBJS) $(LDFLAGS) $(LDLIBS)
+	$(CXX) -shared $(SOLIB_FLAGS) -o $@ $(strip $(CXXFLAGS)) -Wl,--exclude-libs,ALL $(LIBOBJS) $(AOSP_CPU_OBJ) $(LDFLAGS) $(LDLIBS)
 ifeq ($(HAS_SOLIB_VERSION),1)
 	-$(LN) libcryptopp.so$(SOLIB_VERSION_SUFFIX) libcryptopp.so
 	-$(LN) libcryptopp.so$(SOLIB_VERSION_SUFFIX) libcryptopp.so$(SOLIB_COMPAT_SUFFIX)
 endif
-libcryptopp.dylib: $(LIBOBJS)
+libcryptopp.dylib: $(LIBOBJS) $(AOSP_CPU_OBJ)
-	$(CXX) -dynamiclib -o $@ $(CXXFLAGS) -install_name "$@" -current_version "$(LIB_MAJOR).$(LIB_MINOR).$(LIB_PATCH)" -compatibility_version "$(LIB_MAJOR).$(LIB_MINOR)" -headerpad_max_install_names $(LDFLAGS) $(LIBOBJS)
+	$(CXX) -dynamiclib -o $@ $(strip $(CXXFLAGS)) -install_name "$@" -current_version "$(LIB_MAJOR).$(LIB_MINOR).$(LIB_PATCH)" -compatibility_version "$(LIB_MAJOR).$(LIB_MINOR)" -headerpad_max_install_names $(LDFLAGS) $(LIBOBJS) $(AOSP_CPU_OBJ)
-cryptest.exe: libcryptopp.a $(TESTOBJS)
+cryptest.exe: $(LINK_LIBRARY) $(TESTOBJS)
-	$(CXX) -o $@ $(CXXFLAGS) $(TESTOBJS) ./libcryptopp.a $(LDFLAGS) $(LDLIBS)
+	$(CXX) -o $@ $(strip $(CXXFLAGS)) $(TESTOBJS) $(LINK_LIBRARY_PATH)$(LINK_LIBRARY) $(LDFLAGS) $(LDLIBS)
 # Used to generate list of source files for Autotools, CMakeList and Android.mk
 .PHONY: sources
 sources:
-	$(info Library sources: $(filter-out fipstest.cpp $(TESTSRCS),$(SRCS)))
+	$(info ***** Library sources *****)
 	$(info $(filter-out $(TESTSRCS),$(SRCS)))
 	$(info )
-	$(info Test sources: $(TESTSRCS))
+	$(info ***** Library headers *****)
 	$(info $(filter-out $(TESTINCL),$(INCL)))
 	$(info )
 	$(info ***** Test sources *****)
 	$(info $(TESTSRCS))
 	$(info )
 	$(info ***** Test headers *****)
 	$(info $(TESTINCL))
 adhoc.cpp: adhoc.cpp.proto
 ifeq ($(wildcard adhoc.cpp),)
@ -261,8 +823,120 @@ ifeq ($(wildcard GNUmakefile.deps),GNUmakefile.deps)
 -include GNUmakefile.deps
 endif # Dependencies
-%.o : %.cpp
+# Cryptogams ARM asm implementation. AES needs -mthumb for Clang
-	$(CXX) $(CXXFLAGS) -c $<
+aes_armv4.o : aes_armv4.S
 	$(CXX) $(strip $(CXXFLAGS) $(CRYPTOGAMS_ARMV7_THUMB_FLAG) -c) $<
-GNUmakefile.deps:
+cpu-features.o: cpu-features.h cpu-features.c
-	$(CXX) $(CXXFLAGS) -MM *.cpp > GNUmakefile.deps
+	$(CXX) $(strip $(CXXFLAGS) -fpermissive -c) cpu-features.c
 # SSSE3 or NEON available
 aria_simd.o : aria_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(ARIA_FLAG) -c) $<
 # SSE, NEON or POWER7 available
 blake2s_simd.o : blake2s_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(BLAKE2S_FLAG) -c) $<
 # SSE, NEON or POWER8 available
 blake2b_simd.o : blake2b_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(BLAKE2B_FLAG) -c) $<
 # SSE2 or NEON available
 chacha_simd.o : chacha_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(CHACHA_FLAG) -c) $<
 # AVX2 available
 chacha_avx.o : chacha_avx.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(CHACHA_AVX2_FLAG) -c) $<
 # SSSE3 available
 cham_simd.o : cham_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(CHAM_FLAG) -c) $<
 # Power9 available
 darn.o : darn.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(DARN_FLAG) -c) $<
 # SSE2 on i686
 donna_sse.o : donna_sse.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SSE2_FLAG) -c) $<
 # SSE2 on i686
 sse_simd.o : sse_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SSE2_FLAG) -c) $<
 # SSE4.2 or ARMv8a available
 crc_simd.o : crc_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(CRC_FLAG) -c) $<
 # PCLMUL or ARMv7a/ARMv8a available
 gcm_simd.o : gcm_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(GCM_FLAG) -c) $<
 # SSSE3 available
 lea_simd.o : lea_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(LEA_FLAG) -c) $<
 # NEON available
 neon_simd.o : neon_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(NEON_FLAG) -c) $<
 # AESNI or ARMv7a/ARMv8a available
 rijndael_simd.o : rijndael_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(AES_FLAG) -c) $<
 # SSE4.2/SHA-NI or ARMv8a available
 sha_simd.o : sha_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SHA_FLAG) -c) $<
 # Cryptogams SHA1 asm implementation.
 sha1_armv4.o : sha1_armv4.S
 	$(CXX) $(strip $(CXXFLAGS) $(CRYPTOGAMS_ARMV7_FLAG) -c) $<
 # Cryptogams SHA256 asm implementation.
 sha256_armv4.o : sha256_armv4.S
 	$(CXX) $(strip $(CXXFLAGS) $(CRYPTOGAMS_ARMV7_FLAG) -c) $<
 # Cryptogams SHA512 asm implementation.
 sha512_armv4.o : sha512_armv4.S
 	$(CXX) $(strip $(CXXFLAGS) $(CRYPTOGAMS_ARMV7_FLAG) -c) $<
 # SSE4.2/SHA-NI or ARMv8a available
 shacal2_simd.o : shacal2_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SHA_FLAG) -c) $<
 # SSSE3 or NEON available
 simeck_simd.o : simeck_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SIMECK_FLAG) -c) $<
 # SSE4.1, NEON or POWER7 available
 simon64_simd.o : simon64_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SIMON64_FLAG) -c) $<
 # SSSE3, NEON or POWER8 available
 simon128_simd.o : simon128_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SIMON128_FLAG) -c) $<
 # SSE4.1, NEON or POWER7 available
 speck64_simd.o : speck64_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SPECK64_FLAG) -c) $<
 # SSSE3, NEON or POWER8 available
 speck128_simd.o : speck128_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SPECK128_FLAG) -c) $<
 # ARMv8.4 available
 sm3_simd.o : sm3_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SM3_FLAG) -c) $<
 # AESNI available
 sm4_simd.o : sm4_simd.cpp
 	$(CXX) $(strip $(CXXFLAGS) $(SM4_FLAG) -c) $<
 %.o : %.cpp
 	$(CXX) $(strip $(CXXFLAGS) -c) $<
 .PHONY: dep deps depend
 dep deps depend GNUmakefile.deps:
 	$(CXX) $(strip $(CXXFLAGS) -DCRYPTOPP_DISABLE_ASM) -MM *.cpp > GNUmakefile.deps
--- a/History.txt
+++ b/History.txt
@ -0,0 +1,482 @@
 *** History ***
 The History file contains the items that comprise the release notes. The
 items in the list below used to be in Readme.txt. Readme.txt now contans the
 last several releases.
 1.0 - First public release
    - Withdrawn at the request of RSA DSI over patent claims
    - included Blowfish, BBS, DES, DH, Diamond, DSA, ElGamal, IDEA,
      MD5, RC4, RC5, RSA, SHA, WAKE, secret sharing, DEFLATE compression
    - had a serious bug in the RSA key generation code.
 1.1 - Removed RSA, RC4, RC5
    - Disabled calls to RSAREF's non-public functions
    - Minor bugs fixed
 2.0 - a completely new, faster multiprecision integer class
    - added MD5-MAC, HAVAL, 3-WAY, TEA, SAFER, LUC, Rabin, BlumGoldwasser,
      elliptic curve algorithms
    - added the Lucas strong probable primality test
    - ElGamal encryption and signature schemes modified to avoid weaknesses
    - Diamond changed to Diamond2 because of key schedule weakness
    - fixed bug in WAKE key setup
    - SHS class renamed to SHA
    - lots of miscellaneous optimizations
 2.1 - added Tiger, HMAC, GOST, RIPE-MD160, LUCELG, LUCDIF, XOR-MAC,
      OAEP, PSSR, SHARK
    - added precomputation to DH, ElGamal, DSA, and elliptic curve algorithms
    - added back RC5 and a new RSA
    - optimizations in elliptic curves over GF(p)
    - changed Rabin to use OAEP and PSSR
    - changed many classes to allow copy constructors to work correctly
    - improved exception generation and handling
 2.2 - added SEAL, CAST-128, Square
    - fixed bug in HAVAL (padding problem)
    - fixed bug in triple-DES (decryption order was reversed)
    - fixed bug in RC5 (couldn't handle key length not a multiple of 4)
    - changed HMAC to conform to RFC-2104 (which is not compatible
      with the original HMAC)
    - changed secret sharing and information dispersal to use GF(2^32)
      instead of GF(65521)
    - removed zero knowledge prover/verifier for graph isomorphism
    - removed several utility classes in favor of the C++ standard library
 2.3 - ported to EGCS
    - fixed incomplete workaround of min/max conflict in MSVC
 3.0 - placed all names into the "CryptoPP" namespace
    - added MD2, RC2, RC6, MARS, RW, DH2, MQV, ECDHC, CBC-CTS
    - added abstract base classes PK_SimpleKeyAgreementDomain and
      PK_AuthenticatedKeyAgreementDomain
    - changed DH and LUCDIF to implement the PK_SimpleKeyAgreementDomain
      interface and to perform domain parameter and key validation
    - changed interfaces of PK_Signer and PK_Verifier to sign and verify
      messages instead of message digests
    - changed OAEP to conform to PKCS#1 v2.0
    - changed benchmark code to produce HTML tables as output
    - changed PSSR to track IEEE P1363a
    - renamed ElGamalSignature to NR and changed it to track IEEE P1363
    - renamed ECKEP to ECMQVC and changed it to track IEEE P1363
    - renamed several other classes for clarity
    - removed support for calling RSAREF
    - removed option to compile old SHA (SHA-0)
    - removed option not to throw exceptions
 3.1 - added ARC4, Rijndael, Twofish, Serpent, CBC-MAC, DMAC
    - added interface for querying supported key lengths of symmetric ciphers
      and MACs
    - added sample code for RSA signature and verification
    - changed CBC-CTS to be compatible with RFC 2040
    - updated SEAL to version 3.0 of the cipher specification
    - optimized multiprecision squaring and elliptic curves over GF(p)
    - fixed bug in MARS key setup
    - fixed bug with attaching objects to Deflator
 3.2 - added DES-XEX3, ECDSA, DefaultEncryptorWithMAC
    - renamed DES-EDE to DES-EDE2 and TripleDES to DES-EDE3
    - optimized ARC4
    - generalized DSA to allow keys longer than 1024 bits
    - fixed bugs in GF2N and ModularArithmetic that can cause calculation errors
    - fixed crashing bug in Inflator when given invalid inputs
    - fixed endian bug in Serpent
    - fixed padding bug in Tiger
 4.0 - added Skipjack, CAST-256, Panama, SHA-2 (SHA-256, SHA-384, and SHA-512),
      and XTR-DH
    - added a faster variant of Rabin's Information Dispersal Algorithm (IDA)
    - added class wrappers for these operating system features:
       * high resolution timers on Windows, Unix, and MacOS
       * Berkeley and Windows style sockets
       * Windows named pipes
       * /dev/random and /dev/urandom on Linux and FreeBSD
       * Microsoft's CryptGenRandom on Windows
    - added support for SEC 1 elliptic curve key format and compressed points
    - added support for X.509 public key format (subjectPublicKeyInfo) for
      RSA, DSA, and elliptic curve schemes
    - added support for DER and OpenPGP signature format for DSA
    - added support for ZLIB compressed data format (RFC 1950)
    - changed elliptic curve encryption to use ECIES (as defined in SEC 1)
    - changed MARS key schedule to reflect the latest specification
    - changed BufferedTransformation interface to support multiple channels
      and messages
    - changed CAST and SHA-1 implementations to use public domain source code
    - fixed bug in StringSource
    - optmized multi-precision integer code for better performance
 4.1 - added more support for the recommended elliptic curve parameters in SEC 2
    - added Panama MAC, MARC4
    - added IV stealing feature to CTS mode
    - added support for PKCS #8 private key format for RSA, DSA, and elliptic
      curve schemes
    - changed Deflate, MD5, Rijndael, and Twofish to use public domain code
    - fixed a bug with flushing compressed streams
    - fixed a bug with decompressing stored blocks
    - fixed a bug with EC point decompression using non-trinomial basis
    - fixed a bug in NetworkSource::GeneralPump()
    - fixed a performance issue with EC over GF(p) decryption
    - fixed syntax to allow GCC to compile without -fpermissive
    - relaxed some restrictions in the license
 4.2 - added support for longer HMAC keys
    - added MD4 (which is not secure so use for compatibility purposes only)
    - added compatibility fixes/workarounds for STLport 4.5, GCC 3.0.2,
      and MSVC 7.0
    - changed MD2 to use public domain code
    - fixed a bug with decompressing multiple messages with the same object
    - fixed a bug in CBC-MAC with MACing multiple messages with the same object
    - fixed a bug in RC5 and RC6 with zero-length keys
    - fixed a bug in Adler32 where incorrect checksum may be generated
 5.0 - added ESIGN, DLIES, WAKE-OFB, PBKDF1 and PBKDF2 from PKCS #5
    - added key validation for encryption and signature public/private keys
    - renamed StreamCipher interface to SymmetricCipher, which is now implemented
      by both stream ciphers and block cipher modes including ECB and CBC
    - added keying interfaces to support resetting of keys and IVs without
      having to destroy and recreate objects
    - changed filter interface to support non-blocking input/output
    - changed SocketSource and SocketSink to use overlapped I/O on Microsoft Windows
    - grouped related classes inside structs to help templates, for example
      AESEncryption and AESDecryption are now AES::Encryption and AES::Decryption
    - where possible, typedefs have been added to improve backwards
      compatibility when the CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY macro is defined
    - changed Serpent, HAVAL and IDEA to use public domain code
    - implemented SSE2 optimizations for Integer operations
    - fixed a bug in HMAC::TruncatedFinal()
    - fixed SKIPJACK byte ordering following NIST clarification dated 5/9/02
 5.01 - added known answer test for X9.17 RNG in FIPS 140 power-up self test
     - submitted to NIST/CSE, but not publicly released
 5.02 - changed EDC test to MAC integrity check using HMAC/SHA1
     - improved performance of integrity check
     - added blinding to defend against RSA timing attack
 5.03 - created DLL version of Crypto++ for FIPS 140-2 validation
     - fixed vulnerabilities in GetNextIV for CTR and OFB modes
 5.0.4 - Removed DES, SHA-256, SHA-384, SHA-512 from DLL
 5.1 - added PSS padding and changed PSSR to track IEEE P1363a draft standard
    - added blinding for RSA and Rabin to defend against timing attacks
      on decryption operations
    - changed signing and decryption APIs to support the above
    - changed WaitObjectContainer to allow waiting for more than 64
      objects at a time on Win32 platforms
    - fixed a bug in CBC and ECB modes with processing non-aligned data
    - fixed standard conformance bugs in DLIES (DHAES mode) and RW/EMSA2
      signature scheme (these fixes are not backwards compatible)
    - fixed a number of compiler warnings, minor bugs, and portability problems
    - removed Sapphire
 5.2 - merged in changes for 5.01 - 5.0.4
    - added support for using encoding parameters and key derivation parameters
      with public key encryption (implemented by OAEP and DL/ECIES)
    - added Camellia, SHACAL-2, Two-Track-MAC, Whirlpool, RIPEMD-320,
      RIPEMD-128, RIPEMD-256, Base-32 coding, FIPS variant of CFB mode
    - added ThreadUserTimer for timing thread CPU usage
    - added option for password-based key derivation functions
      to iterate until a mimimum elapsed thread CPU time is reached
    - added option (on by default) for DEFLATE compression to detect
      uncompressible files and process them more quickly
    - improved compatibility and performance on 64-bit platforms,
      including Alpha, IA-64, x86-64, PPC64, Sparc64, and MIPS64
    - fixed ONE_AND_ZEROS_PADDING to use 0x80 instead 0x01 as padding.
    - fixed encoding/decoding of PKCS #8 privateKeyInfo to properly
      handle optional attributes
 5.2.1 - fixed bug in the "dlltest" DLL testing program
      - fixed compiling with STLport using VC .NET
      - fixed compiling with -fPIC using GCC
      - fixed compiling with -msse2 on systems without memalign()
      - fixed inability to instantiate PanamaMAC
      - fixed problems with inline documentation
 5.2.2 - added SHA-224
      - put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL
 5.2.3 - fixed issues with FIPS algorithm test vectors
      - put RSASSA-ISO into DLL
 5.3 - ported to MSVC 2005 with support for x86-64
    - added defense against AES timing attacks, and more AES test vectors
    - changed StaticAlgorithmName() of Rijndael to "AES", CTR to "CTR"
 5.4 - added Salsa20
    - updated Whirlpool to version 3.0
    - ported to GCC 4.1, Sun C++ 5.8, and Borland C++Builder 2006
 5.5 - added VMAC and Sosemanuk (with x86-64 and SSE2 assembly)
    - improved speed of integer arithmetic, AES, SHA-512, Tiger, Salsa20,
      Whirlpool, and PANAMA cipher using assembly (x86-64, MMX, SSE2)
    - optimized Camellia and added defense against timing attacks
    - updated benchmarks code to show cycles per byte and to time key/IV setup
    - started using OpenMP for increased multi-core speed
    - enabled GCC optimization flags by default in GNUmakefile
    - added blinding and computational error checking for RW signing
    - changed RandomPool, X917RNG, GetNextIV, DSA/NR/ECDSA/ECNR to reduce
      the risk of reusing random numbers and IVs after virtual machine state
      rollback
    - changed default FIPS mode RNG from AutoSeededX917RNG<DES_EDE3> to
      AutoSeededX917RNG<AES>
    - fixed PANAMA cipher interface to accept 256-bit key and 256-bit IV
    - moved MD2, MD4, MD5, PanamaHash, ARC4, WAKE_CFB into the namespace "Weak"
    - removed HAVAL, MD5-MAC, XMAC
 5.5.1 - fixed VMAC validation failure on 32-bit big-endian machines
 5.5.2 - ported x64 assembly language code for AES, Salsa20, Sosemanuk, and Panama
        to MSVC 2005 (using MASM since MSVC doesn't support inline assembly on x64)
      - fixed Salsa20 initialization crash on non-SSE2 machines
      - fixed Whirlpool crash on Pentium 2 machines
      - fixed possible branch prediction analysis (BPA) vulnerability in
        MontgomeryReduce(), which may affect security of RSA, RW, LUC
      - fixed link error with MSVC 2003 when using "debug DLL" form of runtime library
      - fixed crash in SSE2_Add on P4 machines when compiled with
        MSVC 6.0 SP5 with Processor Pack
      - ported to MSVC 2008, GCC 4.2, Sun CC 5.9, Intel C++ Compiler 10.0,
        and Borland C++Builder 2007
 5.6.0 - added AuthenticatedSymmetricCipher interface class and Filter wrappers
      - added CCM, GCM (with SSE2 assembly), EAX, CMAC, XSalsa20, and SEED
      - added support for variable length IVs
      - added OIDs for Brainpool elliptic curve parameters
      - improved AES and SHA-256 speed on x86 and x64
      - changed BlockTransformation interface to no longer assume data alignment
      - fixed incorrect VMAC computation on message lengths
        that are >64 mod 128 (x86 assembly version is not affected)
      - fixed compiler error in vmac.cpp on x86 with GCC -fPIC
      - fixed run-time validation error on x86-64 with GCC 4.3.2 -O2
      - fixed HashFilter bug when putMessage=true
      - fixed AES-CTR data alignment bug that causes incorrect encryption on ARM
      - removed WORD64_AVAILABLE; compiler support for 64-bit int is now required
      - ported to GCC 4.3, C++Builder 2009, Sun CC 5.10, Intel C++ Compiler 11
 5.6.1 - added support for AES-NI and CLMUL instruction sets in AES and GMAC/GCM
      - removed WAKE-CFB
      - fixed several bugs in the SHA-256 x86/x64 assembly code:
         * incorrect hash on non-SSE2 x86 machines on non-aligned input
         * incorrect hash on x86 machines when input crosses 0x80000000
         * incorrect hash on x64 when compiled with GCC with optimizations enabled
      - fixed bugs in AES x86 and x64 assembly causing crashes in some MSVC build configurations
      - switched to a public domain implementation of MARS
      - ported to MSVC 2010, GCC 4.5.1, Sun Studio 12u1, C++Builder 2010, Intel C++ Compiler 11.1
      - renamed the MSVC DLL project to "cryptopp" for compatibility with MSVC 2010
 5.6.2 - changed license to Boost Software License 1.0
      - added SHA-3 (Keccak)
      - updated DSA to FIPS 186-3 (see DSA2 class)
      - fixed Blowfish minimum keylength to be 4 bytes (32 bits)
      - fixed Salsa validation failure when compiling with GCC 4.6
      - fixed infinite recursion when on x64, assembly disabled, and no AESNI
      - ported to MSVC 2012, GCC 4.7, Clang 3.2, Solaris Studio 12.3, Intel C++ Compiler 13.0
 5.6.3 - maintenance release, honored API/ABI/Versioning requirements
      - expanded processes to include community and its input
         * 12 unique contributors for this release
      - fixed CVE-2015-2141
      - cleared most Undefined Behavior Sanitizer (UBsan) findings
      - cleared all Address Sanitizer (Asan) findings
      - cleared all Valgrind findings
      - cleared all Coverity findings
      - cleared all Enterprise Analysis (/analyze) findings
      - cleared most GCC warnings with -Wall
      - cleared most Clang warnings with -Wall
      - cleared most MSVC warnings with /W4
      - added -fPIC 64-bit builds. Off by default for i386
      - added HKDF class from RFC 5868
      - switched to member_ptr due to C++ 11 warnings for auto_ptr
      - initialization of C++ static objects, off by default
         * GCC and init_priotirty/constructor attributes
         * MSVC and init_seg(lib)
         * CRYPTOPP_INIT_PRIORITY disabled by default, but available
      - improved OS X support
      - improved GNUmakefile support for Testing and QA
      - added self tests for additional Testing and QA
      - added cryptest.sh for systematic Testing and QA
      - added GNU Gold linker support
      - added Visual Studio 2010 solution and project files in vs2010.zip
      - added Clang integrated assembler support
      - unconditionally define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS for Makefile
        target 'ubsan' and at -O3 due to GCC vectorization on x86 and x86_64
      - workaround ARMEL/GCC 5.2 bug and failed self test
      - fixed crash in MQV due to GCC 4.9+ and inlining
      - fixed hang in SHA due to GCC 4.9+ and inlining
      - fixed missing rdtables::Te under VS with ALIGNED_DATA_ACCESS
      - fixed S/390 and big endian feature detection
      - fixed S/390 and int128_t/uint128_t detection
      - fixed X32 (ILP32) feature detection
      - removed  _CRT_SECURE_NO_DEPRECATE for Microsoft platforms
      - utilized bound checking interfaces from ISO/IEC TR 24772 when available
      - improved ARM, ARM64, MIPS, MIPS64, S/390 and X32 (ILP32) support
      - introduced CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
      - added additional Doxygen-based documentation
      - ported to MSVC 2015, Xcode 7.2, GCC 5.2, Clang 3.7, Intel C++ 16.00
 5.6.4 - September 11, 2016
      - maintenance release, honored API/ABI/Versioning requirements
      - expanded community input and support
         * 22 unique contributors for this release
      - fixed CVE-2016-3995
      - changed SHA3 to FIPS 202 (F1600, XOF d=0x06)
      - added Keccak (F1600, XOF d=0x01)
      - added ChaCha (ChaCha8/12/20)
      - added HMQV and FHMQV
         * Hashed and Fully Hashed MQV
      - added BLAKE2 (BLAKE2s and BLAKE2b)
         * C++, SSE2, SSE4, ARM NEON and ARMv8 ASIMD
      - added CRC32-C
         * C/C++, Amd64 CRC, and ARMv8 CRC
      - improved Rabin-William signatures
         * Tweaked roots <em>e</em> and <em>f</em>
      - improved C++11 support
         * atomics, threads and fences
         * alginof, alignas
         * constexpr
         * noexcept
      - improved GCM mode
         * ARM NEON and ARMv8 ASIMD
         * ARMv8 carry-less multiply
      - improved Windows 8 and 10 support
         * Windows Phone, Universal Windows Platform, Windows Store
      - improved MIPS, ARMv7 and ARMv8 support
         * added scripts setenv-{android|embedded|ios}.sh for GNUmakefile-cross
         * aggressive use of -march=<arch> and -mfpu=<fpu> in cryptest.sh
      - improved build systems
         * Visual Studio 2010 default
         * added CMake support (lacks FindCryptopp.cmake)
         * archived VC++ 5/0/6.0 project files (vc60.zip)
         * archived VS2005 project files (vs2005.zip)
         * archived Borland project files (bds10.zip)
      - improved Testing and QA
         * expanded platforms and compilers
         * added code generation tests based on CPU features
         * added C++03, C++11, C++14, C++17 testing
         * added -O3, -O5, -Ofast and -Os testing
      - ported to MSVC 2015 SP3, Xcode 9.0, Sun Studio 12.5, GCC 7.0,
        MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00
 5.6.5 - October 11, 2016
      - maintenance release, recompile of programs recommended
      - expanded community input and support
         * 25 unique contributors as of this release
      - fixed CVE-2016-7420 (Issue 277, document NDEBUG for production/release)
      - fixed CVE-2016-7544 (Issue 302, avoid _malloca and _freea)
      - shipped library in recommended state
         * backwards compatibility achieved with <config.compat>
      - Visual Studio project file cleanup
         * improved X86 and X64 MSBuild support
         * added ARM-based MSBuild awareness
      - improved Testing and QA
         * expanded platforms and compilers
         * expanded Coverity into OS X and Windows platforms
         * added Windows test scripts using Strawberry Perl
      - ported to MSVC 2015 SP3, Xcode 7.3, Sun Studio 12.5, GCC 7.0,
        MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00
 6.0.0 - January 22, 2018
      - Major release, recompile of programs required
      - expanded community input and support
         * 43 unique contributors as of this release
      - fixed CVE-2016-9939 (Issue 346, transient DoS)
      - fixed CVE-2017-9434 (Issue 414, misidentified memory error)
      - converted to BASE+SIMD implementation
         * BASE provides an architecture neutral C++ implementation
         * SIMD provides architecture specific hardware acceleration
      - improved PowerPC Power4, Power7 and Power8 support
      - added ARIA, EC German DSA, Deterministic signatures (RFC 6979),
        Kalyna, NIST Hash and HMAC DRBG, Padlock RNG, Poly1305, SipHash,
        Simon, Speck, SM3, SM4, Threefish algorithms
      - added NaCl interface from the compact library
         * x25519 key exhange and ed25519 signing provided through NaCl interface
      - improved Testing and QA
      - ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 7.0,
        MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1
 6.1.0 - February 22, 2018
      - minor release, maintenance items
      - expanded community input and support
         * 46 unique contributors as of this release
      - use 2048-bit modulus default for DSA
      - fix build under Linuxbrew
      - use /bin/sh in GNUmakefile
      - fix missing flags for SIMON and SPECK in GNUMakefile-cross
      - fix ARM and MinGW misdetection
      - port setenv-android.sh to latest NDK
      - fix Clang check for C++11 lambdas
      - Simon and Speck to little-endian implementation
      - use LIB_MAJOR for ABI compatibility
      - fix ODR violation in AdvancedProcessBlocks_{ARCH} templates
      - handle C++17 std::uncaught_exceptions
      - ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 8.0.1,
        MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1
 7.0.0 - April 8, 2018
      - major release, recompile of programs required
      - expanded community input and support
         * 48 unique contributors as of this release
      - fix incorrect result when using Integer::ModInverse
         * may be CVE worthy, but request was not submitted
      - fix ARIA/CTR bus error on Sparc64
      - fix incorrect result when using a_exp_b_mod_c
      - fix undeclared identifier uint32_t on early Visual Studio
      - fix iPhoneSimulator build on i386
      - fix incorrect adler32 in ZlibDecompressor
      - fix Power7 test using PPC_FEATURE_ARCH_2_06
      - workaround incorrect Glibc sysconf return value on ppc64-le
      - add KeyDerivationFunction interface
      - add scrypt key derivation function
      - add Salsa20_Core transform callable from outside class
      - add sbyte, sword16, sword32 and sword64
      - remove s_nullNameValuePairs from unnamed namespace
      - ported to MSVC 2017, Xcode 9.3, Sun Studio 12.5, GCC 8.0.1,
        MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1
 8.0.0 - December 28, 2018
      - major release, recompile of programs required
      - expanded community input and support
         * 54 unique contributors as of this release
      - add x25519 key exchange and ed25519 signature scheme
      - add limited Asymmetric Key Package support from RFC 5958
      - add Power9 DARN random number generator support
      - add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck
      - fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms
      - cutover to GNU Make-based cpu feature tests
      - rename files with dashes to underscores
      - fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC
      - fix incorrect AES/CBC decryption on Windows
      - avoid Singleton<T> when possible, avoid std::call_once completely
      - fix SPARC alignment problems due to GetAlignmentOf<T>() on word64
      - add ARM AES asm implementation from Cryptogams
      - remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support
 8.1.0 - February 22, 2019
      - minor release, no recompile of programs required
      - expanded community input and support
        * 56 unique contributors as of this release
      - fix OS X PowerPC builds with Clang
      - add Microsoft ARM64 support
      - fix iPhone Simulator build due to missing symbols
      - add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
      - add carryless multiplies for NIST b233 and k233 curves
      - fix OpenMP build due to use of OpenMP 4 with down-level compilers
      - add SignStream and VerifyStream for ed25519 and large files
      - fix missing AlgorithmProvider in PanamaHash
      - add SHAKE-128 and SHAKE-256
      - fix AVX2 build due to _mm256_broadcastsi128_si256
      - add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305
 8.2.0 - April 28, 2019
      - minor release, no recompile of programs required
      - expanded community input and support
        * 56 unique contributors as of this release
      - use PowerPC unaligned loads and stores with Power8
      - add SKIPJACK test vectors
      - fix SHAKE-128 and SHAKE-256 compile
      - removed IS_NEON from Makefile
      - fix Aarch64 build on Fedora 29
      - fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
      - add missing BLAKE2 constructors
      - fix missing BlockSize() in BLAKE2 classes
--- a/Install.txt
+++ b/Install.txt
@ -10,19 +10,22 @@ CONTENTS OF THIS FILE
 * Acceptance Testing
 * Reporting problems
 INTRODUCTION
 ------------
-Crypto++ Library is a free C++ class library of cryptographic algorithms and schemes. It was written and placed in public domain by Wei Dai. The library homepage is at http://www.cryptopp.com/. The latest library source code can be found at http://github.com/weidai11/cryptopp. For licensing and copyright information, please see License.txt.
+Crypto++ Library is a free C++ class library of cryptographic algorithms and schemes. The library was originally written and placed in public domain by Wei Dai, but it is now maintained by the community. The library homepage is at http://www.cryptopp.com/. The latest library source code can be found at http://github.com/weidai11/cryptopp. For licensing and copyright information, please see License.txt.
-These are general instructions for the BSDs, Linux, OS X, Solaris and Unix. The library uses a GNU makefile, which combines configuration and a non-anemic make. On BSD and Solaris you will likely have to use `gmake` to build the library. On Linux, OS X and Unix, the system's make should be OK. On Windows, Crypto++ provides Borland and Visual Studio solutions.
+These are general instructions for the AIX, BSDs, Linux, OS X, Solaris and Unix. The library uses a GNU makefile, which combines configuration and a non-anemic make. On AIX, BSD and Solaris you will likely have to use `gmake` to build the library. On Linux, OS X and Unix, the system's make should be OK. On Windows, Crypto++ provides Visual Studio solutions.
-You should look through the GNUmakefile and config.h to ensure settings look reasonable before building. If you need compatibility with Crypto++ 5.6.2, then you can use `config.compat` in place of `config.h`. You are discouraged from using `config.compat` because it re-introduces undefined behavior that was cleared at Crypto++ 5.6.3.
+You should look through the GNUmakefile and config.h to ensure settings look reasonable before building. There are two wiki pages that help explain them at http://www.cryptopp.com/wiki/GNUmakefile and http://www.cryptopp.com/wiki/Config.h.
-Wiki pages are available for some platforms with specific build instructions. The wiki can be found at http://cryptopp.com/wiki/. The pages include Android, ARM, iOS and Solaris. Solaris users should visit the wiki for important information on compiling the library with different versions of SunCC and options, and information on improving library performance and features.
+Wiki pages are available for some platforms with specific build instructions. The pages include Android, ARM, iOS, MSBuild and Solaris. Solaris users should visit the wiki for important information on compiling the library with different versions of SunCC and options, and information on improving library performance and features.
 Crypto++ does not depend upon other tools or libraries. It does not use Autotools, does not use CMake, and does not use Boost. If you use an alternate build system, like Autotools or CMake, then see the warning below about CXXFLAGS and lack of -DNDEBUG. CMake is available in Master as a matter of convenience, but its not officially supported.
 There is a partially complete CmakeList.txt available on the wiki at http://www.cryptopp.com/wiki/CMake. It is not recommended for use because it is not in a good state. If you have CMake expertise and can work some problems, then please see the wiki page for tasks related to CMake.
 BUILDING THE LIBRARY
 --------------------
@ -33,7 +36,9 @@ In general, all you should have to do is open a terminal, and then:
    make test
    sudo make install
-The command above builds the static library and cryptest.exe program. If you want to build the shared object, then issue:
+The command above builds the static library and cryptest.exe program. It also uses a sane set of default flags, which are usually "-DNDEBUG -g2 -O3 -fPIC".
 If you want to build the shared object, then issue:
    make static dynamic cryptest.exe
@ -47,33 +52,50 @@ If you would like to use a different compiler, the set CXX:
    export CXX=/opt/intel/bin/icpc
    make
 Or:
    CXX=/opt/solarisstudio12.4/bin/CC make
 If you want to build using C++11, then:
-    make CXXFLAGS="-std=c++11"
+    export CXXFLAGS="-DNDEBUG -g2 -O3 -std=c++11"
    make
 Or:
-    CXXFLAGS="-std=c++11"
+    CXXFLAGS="-DNDEBUG -g2 -O3 -std=c++11" make
    make
 LLVM's libc++ is also supported, so you can:
-    CXXFLAGS="-std=c++11 -stdlib=libc++"
+    export CXXFLAGS="-std=c++11 -stdlib=libc++"
    make
 If you target 32-bit IA-32 machines (i386, i586 or i686), then the makefile forgoes -fPIC due to register pressures. You should add -fPIC yourself in this case:
    CXXFLAGS="-DNDEBUG -g2 -O3 -fPIC" make
 You can also override a variable so that only your flags are present. That is, the makefile will not add additional flags. For example, the following builds with only -std=c++11:
    make CXXFLAGS="-std=c++11"
 Crypto++ does not enagage Specter remediations at this time. You can build with Specter resistance with the following flags:
    CXXFLAGS="-DNDEBUG -g2 -O3 -mfunction-return=thunk -mindirect-branch=thunk" make
 ALTERNATE BUILD SYSTEMS
 -----------------------
 The Crypto++ library is Make based and uses GNU Make by default. The makefile uses '-DNDEBUG -g2 -O2' CXXFLAGS by default. If you use an alternate build system, like Autotools or CMake, then ensure the build system includes '-DNDEBUG' for production or release builds. The Crypto++ library uses asserts for debugging and diagnostics during development; it does not rely on them to crash a program at runtime.
-If an assert triggers in production software, then unprotected sensitive information could be egressed from the program to the filesystem or the platform's error reporting program, like Apport on Ubuntu or CrashReporter on Apple.
+If an assert triggers in production software, then unprotected sensitive information could be written to the filesystem and could be egressed to the platform's error reporting program, like Apport on Ubuntu, CrashReporter on Apple and Windows Error Reporting on Microsoft OSes.
 The makefile orders object files to help remediate problems associated with C++ static initialization order. The library does not use custom linker scripts. If you use an alternate build system, like Autotools or CMake, and collect source files into a list, then ensure these three are at the head of the list: 'cryptlib.cpp cpu.cpp integer.cpp <other sources>'. They should be linked in the same order: 'cryptlib.o cpu.o integer.o <other objects>'.
 If your linker supports initialization attributes, like init_priority, then you can define CRYPTOPP_INIT_PRIORITY to control object initialization order. Set it to a value like 250. User programs can use CRYPTOPP_USER_PRIORITY to avoid conflicts with library values. Initialization attributes are more reliable than object file ordering, but its not ubiquitously supported by linkers.
-The makefile links to the static version of the Crypto++ library to avoid binary planting and other LD_PRELOAD tricks. You should use the static version of the library in your programs to help avoid unwanted redirections.
+The makefile links to the static version of the Crypto++ library to avoid missing dynamic libraries, incorrect dynamic libraries, binary planting and other LD_PRELOAD tricks. You should use the static version of the library in your programs to help avoid unwanted redirections.
 INSTALLING THE LIBRARY
 ----------------------
@ -120,7 +142,7 @@ The following are some of the targets provided by the GNU makefile.
 DYNAMIC ANALYSIS
 ----------------
-The Crypto++ embraces tools like Undefined Behavior sanitizer (UBsan), Address sanitizer (Asan) and Valgrind. Both Clang 3.2 and above and GCC 4.8 and above provide sanitizers. Please check with your distribution on how to install the compiler with its sanitizer libraries (they are sometimes a separate install item).
+The Crypto++ embraces tools like Undefined Behavior sanitizer (UBsan), Address sanitizer (Asan), Bounds sanitizer (Bsan), Coverity Scan and Valgrind. Both Clang 3.2 and above and GCC 4.8 and above provide sanitizers. Please check with your distribution on how to install the compiler with its sanitizer libraries (they are sometimes a separate install item).
 UBsan and Asan are mutually exclusive options, so you can perform only one of these at a time:
@ -150,13 +172,15 @@ ACCEPTANCE TESTING
 Crypto++ uses five security gates in its engineering process. The library must maintain the quality provided by the review system and integrity of the test suites. You can use the information to decide if the Crypto++ library suits your needs and provides a compatible security posture.
-The first gate is code review and discussion of proposed patches. Git commits often cross reference a User Group discussions.
+The first gate is code review and discussion of proposed chnages. Git commits often cross reference a User Group discussions.
 Second is the compiler warning system. The code must clean compile under the equivalent of GCC's -Wall -Wextra (modulo -Wno-type-limits -Wno-unknown-pragmas). This is a moving target as compiler analysis improves.
-Third, the code must pass cleanly though GCC and Clang's Undefined Behavior sanitizer (UBsan) and Address sanitizer (Asan) with CRYPTOPP_NO_UNALIGNED_DATA_ACCESS defined in config.h. See DYNAMIC ANALYSIS above on how to execute them.
+Third, the code must pass cleanly though GCC and Clang's Undefined Behavior sanitizer (UBsan), Address sanitizer (Asan) and Bounds sanitizer (Bsan). See DYNAMIC ANALYSIS above on how to execute them.
-Fourth, the test harness provides a "validation" option which performs basic system checks (like endianess and word sizes) and exercises algorithms (like AES and SHA). You run the validation suite as shown below. The tail of the output should indicate 0 failed tests.
+Fourth, the code must pass cleanly though Coverity Scan and Valgrind. Valgrind testing is performed at -O1 in accordance with Valgrind recommendations.
 Fifth, the test harness provides a "validation" option which performs basic system checks (like endianness and word sizes) and exercises algorithms (like AES and SHA). You run the validation suite as shown below. The tail of the output should indicate 0 failed tests.
    ./cryptest.exe v
    ...
@ -165,7 +189,7 @@ Fourth, the test harness provides a "validation" option which performs basic sys
    Test ended at Sun Jul 26 02:10:57 2015
    Seed used was: 1437891055
-Fifth, the test harness provides a "test vector" option which uses many known test vectors, even those published by other people (like Brian Gladman for AES). You run the test vectors as shown below. The tail of the output should indicate 0 failed tests.
+Sixth, the test harness provides a "test vector" option which uses many known test vectors, even those published by other people (like Brian Gladman for AES). You run the test vectors as shown below. The tail of the output should indicate 0 failed tests.
    ./cryptest.exe tv all
    ...
@ -182,4 +206,4 @@ REPORTING PROBLEMS
 Dirty compiles and failures in the validation suite or test vectors should be reported at the Crypto++ User Group. The User Group is located at http://groups.google.com/forum/#!forum/cryptopp-users.
-Also see http://www.cryptopp.com/wiki/Bug_Report.
+The library uses Wei Dai's GitHub to track issues. The tracker is located at http://github.com/weidai11/cryptopp/issues. Please do not ask questions in the bug tracker; ask questions on the mailing list instead. Also see http://www.cryptopp.com/wiki/Bug_Report.
--- a/License.txt
+++ b/License.txt
@ -1,4 +1,4 @@
-Compilation Copyright (c) 1995-2016 by Wei Dai.  All rights reserved.
+Compilation Copyright (c) 1995-2019 by Wei Dai.  All rights reserved.
 This copyright applies only to this software distribution package
 as a compilation, and does not imply a copyright on any particular
 file in the package.
@ -22,6 +22,19 @@ Richard De Moliner - safer.cpp
 Matthew Skala - twofish.cpp
 Kevin Springle - camellia.cpp, shacal2.cpp, ttmac.cpp, whrlpool.cpp, ripemd.cpp
 Ronny Van Keer - sha3.cpp
 Aumasson, Neves, Wilcox-O'Hearn and Winnerlein - blake2.cpp, blake2b_simd.cpp, blake2s_simd.cpp
 Aaram Yun - aria.cpp, aria_simd.cpp
 Han Lulu, Markku-Juhani O. Saarinen - sm4.cpp sm4_simd.cpp
 Daniel J. Bernstein, Jack Lloyd - chacha.cpp, chacha_simd.cpp, chacha_avx.cpp
 Andrew Moon - ed25519, x25519, donna_32.cpp, donna_64.cpp, donna_sse.cpp
 The Crypto++ Library uses portions of Andy Polyakov's CRYPTOGAMS for Poly1305
 scalar multiplication, aes_armv4.S, sha1_armv4.S and sha256_armv4.S. CRYPTOGAMS
 is dual licensed with a permissive BSD-style license. The CRYPTOGAMS license is
 reproduced below.
 The Crypto++ Library uses portions of Jack Lloyd's Botan for ChaCha SSE2 and
 AVX. Botan placed the code in public domain for Crypto++ to use.
 The Crypto++ Library (as a compilation) is currently licensed under the Boost
 Software License 1.0 (http://www.boost.org/users/license.html).
@ -49,3 +62,22 @@ SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
 FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
 ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 DEALINGS IN THE SOFTWARE.
 CRYPTOGAMS License
 Copyright (c) 2006-2017, CRYPTOGAMS by <appro@openssl.org>
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions
 are met:
 * Redistributions of source code must retain copyright notices,
  this list of conditions and the following disclaimer.
 * Redistributions in binary form must reproduce the above
  copyright notice, this list of conditions and the following
  disclaimer in the documentation and/or other materials
  provided with the distribution.
 * Neither the name of the CRYPTOGAMS nor the names of its copyright
  holder and contributors may be used to endorse or promote products
  derived from this software without specific prior written permission.
--- a/Readme.txt
+++ b/Readme.txt
@ -1,46 +1,52 @@
-Crypto++: a C++ Class Library of Cryptographic Schemes
+Crypto++: free C++ Class Library of Cryptographic Schemes
-Version 5.6.4 - SEPT/11/2016
+Version 8.3 - TBD
 Crypto++ Library is a free C++ class library of cryptographic schemes.
 Currently the library contains the following algorithms:
                   algorithm type  name
- authenticated encryption schemes  GCM, CCM, EAX
+ authenticated encryption schemes  GCM, CCM, EAX, ChaCha20Poly1305 and
                                   XChaCha20Poly1305
-        high speed stream ciphers  ChaCha (ChaCha8/12/20), Panama, Sosemanuk,
+        high speed stream ciphers  ChaCha (8/12/20), ChaCha (IETF), Panama, Salsa20,
-                                   Salsa20, XSalsa20
+                                   Sosemanuk, XSalsa20, XChaCha20
           AES and AES candidates  AES (Rijndael), RC6, MARS, Twofish, Serpent,
                                   CAST-256
-                                   IDEA, Triple-DES (DES-EDE2 and DES-EDE3),
+                                   ARIA, Blowfish, Camellia, CHAM, HIGHT, IDEA,
-              other block ciphers  Camellia, SEED, RC5, Blowfish, TEA, XTEA,
+                                   Kalyna (128/256/512), LEA, SEED, RC5, SHACAL-2,
-                                   Skipjack, SHACAL-2
+              other block ciphers  SIMON (64/128), Skipjack, SPECK (64/128),
                                   Simeck, SM4, Threefish (256/512/1024),
                                   Triple-DES (DES-EDE2 and DES-EDE3), TEA, XTEA
  block cipher modes of operation  ECB, CBC, CBC ciphertext stealing (CTS),
                                   CFB, OFB, counter mode (CTR)
-     message authentication codes  VMAC, HMAC, GMAC, CMAC, CBC-MAC, DMAC,
+     message authentication codes  BLAKE2s, BLAKE2b, CMAC, CBC-MAC, DMAC, GMAC, HMAC,
-                                   Two-Track-MAC
+                                   Poly1305, Poly1305 (IETF), SipHash, Two-Track-MAC,
                                   VMAC
-                                   BLAKE2 (BLAKE2b, BLAKE2s), SHA-1, SHA-2 (SHA-224,
+                                   BLAKE2s, BLAKE2b, Keccack (F1600), SHA-1,
-                   hash functions  SHA-256, SHA-384, and SHA-512), SHA-3, Tiger,
+                   hash functions  SHA-2 (224/256/384/512), SHA-3 (224/256/384/512),
-                                   WHIRLPOOL, RIPEMD-128, RIPEMD-256, RIPEMD-160,
+                                   SHAKE (128/256), SipHash, SM3, Tiger,
-                                   RIPEMD-320
+                                   RIPEMD (128/160/256/320), WHIRLPOOL
-                                   RSA, DSA, ElGamal, Nyberg-Rueppel (NR),
+                                   RSA, DSA, Determinsitic DSA, ElGamal,
-          public-key cryptography  Rabin-Williams (RW), LUC, LUCELG,
+          public-key cryptography  Nyberg-Rueppel (NR), Rabin-Williams (RW), LUC,
                                   LUCELG, EC-based German Digital Signature (ECGDSA),
                                   DLIES (variants of DHAES), ESIGN
   padding schemes for public-key  PKCS#1 v2.0, OAEP, PSS, PSSR, IEEE P1363
                          systems  EMSA2 and EMSA5
-                                   Diffie-Hellman (DH), Unified Diffie-Hellman
+                                   Diffie-Hellman (DH), Unified Diffie-Hellman (DH2),
-            key agreement schemes  (DH2), Menezes-Qu-Vanstone (MQV), Hashed MQV (HMQV),
+            key agreement schemes  Menezes-Qu-Vanstone (MQV), Hashed MQV (HMQV),
                                   Fully Hashed MQV (FHMQV), LUCDIF, XTR-DH
-      elliptic curve cryptography  ECDSA, ECNR, ECIES, ECDH, ECMQV
+      elliptic curve cryptography  ECDSA, Determinsitic ECDSA, ed25519, ECNR, ECIES,
                                   ECDH, ECMQV, x25519
          insecure or obsolescent  MD2, MD4, MD5, Panama Hash, DES, ARC4, SEAL
 algorithms retained for backwards  3.0, WAKE-OFB, DESX (DES-XEX3), RC2,
@ -49,9 +55,10 @@ algorithms retained for backwards  3.0, WAKE-OFB, DESX (DES-XEX3), RC2,
 Other features include:
-  * pseudo random number generators (PRNG): ANSI X9.17 appendix C, RandomPool
+  * pseudo random number generators (PRNG): ANSI X9.17 appendix C, RandomPool,
    DARN, VIA Padlock, RDRAND, RDSEED, NIST Hash and HMAC DRBGs
  * password based key derivation functions: PBKDF1 and PBKDF2 from PKCS #5,
-    PBKDF from PKCS #12 appendix B, HKDF from RFC 5869
+    PBKDF from PKCS #12 appendix B, HKDF from RFC 5869, Scrypt from RFC 7914
  * Shamir's secret sharing scheme and Rabin's information dispersal algorithm
    (IDA)
  * fast multi-precision integer (bignum) and polynomial operations
@ -60,35 +67,38 @@ Other features include:
  * useful non-cryptographic algorithms
      + DEFLATE (RFC 1951) compression/decompression with gzip (RFC 1952) and
        zlib (RFC 1950) format support
-      + hex, base-32, and base-64 coding/decoding
+      + Hex, base-32, base-64, URL safe base-64 encoding and decoding
      + 32-bit CRC, CRC-C and Adler32 checksum
  * class wrappers for these platform and operating system features (optional):
      + high resolution timers on Windows, Unix, and Mac OS
      + Berkeley and Windows style sockets
      + Windows named pipes
      + /dev/random, /dev/urandom, /dev/srandom
-      + Microsoft's CryptGenRandom on Windows
+      + Microsoft's CryptGenRandom or BCryptGenRandom on Windows
      + VIA Padlock, Amd64 RDRAND and RDSEED
  * A high level interface for most of the above, using a filter/pipeline
    metaphor
  * benchmarks and validation testing
-  * x86, x86_64, MMX, SSE2, SSE4 assembly code for the most commonly used
+  * x86, x64 (x86-64), x32 (ILP32), ARM-32, Aarch32, Aarch64 and Power8 in-core code
-    algorithms, with run-time CPU feature detection and code selection.
+    for the commonly used algorithms
-    Limited ARM NEON and ARMv8 ASIMD, CRC and Crypto extension support
+      + run-time CPU feature detection and code selection
-  * some versions are available in FIPS 140-2 validated form
+      + supports GCC-style and MSVC-style inline assembly, and MASM for x64
      + x86, x64 (x86-64), x32 provides MMX, SSE2, and SSE4 implementations
      + ARM-32, Aarch32 and Aarch64 provides NEON, ASIMD and ARMv8 implementations
      + Power8 provides in-core AES using NX Crypto Acceleration
-You are welcome to use it for any purpose without paying me, but see
+The Crypto++ library was orginally written by Wei Dai. The library is now
-License.txt for the fine print.
+maintained by several team members and the community. You are welcome to use it
 for any purpose without paying anyone, but see License.txt for the fine print.
 The following compilers are supported for this release. Please visit
 http://www.cryptopp.com the most up to date build instructions and porting notes.
-  * MSVC 6.0 - 2015
+  * Visual Studio 2003 - 2017
-  * GCC 3.3 - 7.0
+  * GCC 3.3 - 9.0
-  * Clang 2.9 - 4.0
+  * Apple Clang 4.3 - 9.3
-  * C++Builder 2010
+  * LLVM Clang 2.9 - 7.0
  * C++Builder 2015
  * Intel C++ Compiler 9 - 16.0
-  * Sun Studio 12u1 - 12.5
+  * Sun Studio 12u1 - 12.6
  * IBM XL C/C++ 10.0 - 13.3
 *** Important Usage Notes ***
@ -104,28 +114,24 @@ synchronization when multiple threads access a common Crypto++ object.
 *** MSVC-Specific Information ***
-On Windows, Crypto++ can be compiled into 3 forms: a static library
+To compile Crypto++ with MSVC, open "cryptest.sln" (for MSVC 2003 - 2015)
-including all algorithms, a DLL with only FIPS Approved algorithms, and
+and build one or more of the following projects:
 a static library with only algorithms not in the DLL.
 (FIPS Approved means Approved according to the FIPS 140-2 standard.)
 The DLL may be used by itself, or it may be used together with the second
 form of the static library. MSVC project files are included to build
 all three forms, and sample applications using each of the three forms
 are also included.
 To compile Crypto++ with MSVC, open  "cryptest.sln" (for MSVC 2005 - 2015)
 or "cryptest.dsw" (for MSVC 6 - MSVC .NET 2003) workspace file and build
 one or more of the following projects:
 cryptdll - This builds the DLL. Please note that if you wish to use Crypto++
  as a FIPS validated module, you must use a pre-built DLL that has undergone
  the FIPS validation process instead of building your own.
 dlltest - This builds a sample application that only uses the DLL.
 cryptest Non-DLL-Import Configuration - This builds the full static library
  along with a full test driver.
 cryptest DLL-Import Configuration - This builds a static library containing
  only algorithms not in the DLL, along with a full test driver that uses
  both the DLL and the static library.
 cryptdll - This builds the DLL. Please note that if you wish to use Crypto++
  as a FIPS validated module, you must use a pre-built DLL that has undergone
  the FIPS validation process instead of building your own.
 dlltest - This builds a sample application that only uses the DLL.
 The DLL used to provide FIPS validated cryptography. The library was moved
 to the CMVP's <A HREF=
 "http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-historical.htm">
 Historical Validation List</A>. The library and the DLL are no longer considered
 validated. You should no longer use the DLL.
 To use the Crypto++ DLL in your application, #include "dll.h" before including
 any other Crypto++ header files, and place the DLL in the same directory as
@ -197,6 +203,32 @@ The makefile links to the static version of the Crypto++ library to avoid binary
 planting and other LD_PRELOAD tricks. You should use the static version of the
 library in your programs to help avoid unwanted redirections.
 *** Side Channel Attacks ***
 Crypto++ attempts to resist side channel attacks using various remediations.
 The remdiations are applied as a best effort but are probably incomplete. They
 are incomplete due to cpu speculation bugs like Spectre, Meltdown, Foreshadow.
 The attacks target both cpu caches and internal buffers. Intel generally refers
 to internal buffer attacks as "Microarchitectural Data Sampling" (MDS).
 The library uses hardware instructions when possible for block ciphers, hashes
 and other operations. The hardware acceleration remediates some timing
 attacks. The library also uses cache-aware algoirthms and access patterns
 to minimize leakage cache evictions.
 Some of the public key algorithms have branches and some of the branches depend
 on data that can be private or secret. The branching occurs in some field
 operations like exponentiation over integers and elliptic curves. The branching
 has been minimized but not completely eliminated.
 Crypto++ does not enagage Specter remediations at this time. The GCC options
 for Specter are -mfunction-return=thunk and -mindirect-branch=thunk, and the
 library uses them during testing. If you want the Specter workarounds then add
 the GCC options to your CXXFLAGS when building the library.
 To help resist attacks you should disable hyperthreading on cpus. If you
 suspect or find an information leak then please report it.
 *** Documentation and Support ***
 Crypto++ is documented through inline comments in header files, which are
@ -209,361 +241,169 @@ and code examples.
 If you run into any problems, please try the Crypto++ mailing list.
 The subscription information and the list archive are available on
-http://www.cryptopp.com. You can also email me directly by visiting
+http://www.cryptopp.com.
-http://www.weidai.com, but you will probably get a faster response through
+
-the mailing list.
+*** Source Code and Contributing ***
 The source code and its planned changes are available at the following locations.
  * The Crypto++ GitHub repository allows you to view the latest (unreleased)
    Crypto++ source code via the Linux kernel's git beginning around June 2015.
    Its also serves as an incubator to nuture and grow the library.
  * The former Crypto++ SourceForge repository allows you to view the Crypto++
    source code via Apache's subversion until about July 2015. At that time,
    SourceForge had infrastructure problems and a cutover to GutHub was performed.
  * The Roadmap on the wiki provides the general direction the library is heading.
    It includes planned features and releases, and even some wishlist items.
 Contributions of all types are welcomed. Contributions include the following.
  * Bug finding and fixes
  * Features and enhancements
  * Test scripts and test cases
  * Branch and release testing
  * Documentation and updates
 If you think you have found a bug in the library, then you should discuss it on the
 Users mailing list. Discussing it will help bring the issue to the attention of folks
 who can help resolve the issue. If you want to contribute a bug fix to the library,
 then make a Pull Request or make a Diff available somewhere. Also see Bug Reports on
 the wiki.
 Features and enhancements are welcomend additions to the library. This category tends
 to be time consuming because algorithms and their test cases need to be reviewed and
 merged. Please be mindful of the test cases, and attempt to procure them from an
 independent source.
 The library cherishes test scripts and test cases. They ensure the library is fit and
 they help uncover issues with the library before users experience them. If you have
 some time, then write some test cases, especially the ones that are intended to break
 things.
 Branch and release testing is your chance to ensure Master (and planned merges) meets
 your expectations and perform as expected. If you have a few spare cycles, then please
 test Master on your favorite platform. We need more testing on MinGW, Windows Phone,
 Windows Store, Solaris 10 (and below), and modern iOS and OS X (including TV and
 Watch builds).
 Documentation and updates includes both the inline source code annotations using
 Doxygen, and the online information provided in the wiki. The wiki is more verbose and
 usually provides more contextual information than the API reference. Besides testing,
 documentation is one of the highest returns on investment.
 *** History ***
-1.0 - First public release.  Withdrawn at the request of RSA DSI.
+The items in this section comprise the most recent history. Please see History.txt
-    - included Blowfish, BBS, DES, DH, Diamond, DSA, ElGamal, IDEA,
+for the record back to Crypto++ 1.0.
      MD5, RC4, RC5, RSA, SHA, WAKE, secret sharing, DEFLATE compression
    - had a serious bug in the RSA key generation code.
-1.1 - Removed RSA, RC4, RC5
+8.2.0 - April 28, 2019
-    - Disabled calls to RSAREF's non-public functions
+      - minor release, no recompile of programs required
    - Minor bugs fixed
 2.0 - a completely new, faster multiprecision integer class
    - added MD5-MAC, HAVAL, 3-WAY, TEA, SAFER, LUC, Rabin, BlumGoldwasser,
      elliptic curve algorithms
    - added the Lucas strong probable primality test
    - ElGamal encryption and signature schemes modified to avoid weaknesses
    - Diamond changed to Diamond2 because of key schedule weakness
    - fixed bug in WAKE key setup
    - SHS class renamed to SHA
    - lots of miscellaneous optimizations
 2.1 - added Tiger, HMAC, GOST, RIPE-MD160, LUCELG, LUCDIF, XOR-MAC,
      OAEP, PSSR, SHARK
    - added precomputation to DH, ElGamal, DSA, and elliptic curve algorithms
    - added back RC5 and a new RSA
    - optimizations in elliptic curves over GF(p)
    - changed Rabin to use OAEP and PSSR
    - changed many classes to allow copy constructors to work correctly
    - improved exception generation and handling
 2.2 - added SEAL, CAST-128, Square
    - fixed bug in HAVAL (padding problem)
    - fixed bug in triple-DES (decryption order was reversed)
    - fixed bug in RC5 (couldn't handle key length not a multiple of 4)
    - changed HMAC to conform to RFC-2104 (which is not compatible
      with the original HMAC)
    - changed secret sharing and information dispersal to use GF(2^32)
      instead of GF(65521)
    - removed zero knowledge prover/verifier for graph isomorphism
    - removed several utility classes in favor of the C++ standard library
 2.3 - ported to EGCS
    - fixed incomplete workaround of min/max conflict in MSVC
 3.0 - placed all names into the "CryptoPP" namespace
    - added MD2, RC2, RC6, MARS, RW, DH2, MQV, ECDHC, CBC-CTS
    - added abstract base classes PK_SimpleKeyAgreementDomain and
      PK_AuthenticatedKeyAgreementDomain
    - changed DH and LUCDIF to implement the PK_SimpleKeyAgreementDomain
      interface and to perform domain parameter and key validation
    - changed interfaces of PK_Signer and PK_Verifier to sign and verify
      messages instead of message digests
    - changed OAEP to conform to PKCS#1 v2.0
    - changed benchmark code to produce HTML tables as output
    - changed PSSR to track IEEE P1363a
    - renamed ElGamalSignature to NR and changed it to track IEEE P1363
    - renamed ECKEP to ECMQVC and changed it to track IEEE P1363
    - renamed several other classes for clarity
    - removed support for calling RSAREF
    - removed option to compile old SHA (SHA-0)
    - removed option not to throw exceptions
 3.1 - added ARC4, Rijndael, Twofish, Serpent, CBC-MAC, DMAC
    - added interface for querying supported key lengths of symmetric ciphers
      and MACs
    - added sample code for RSA signature and verification
    - changed CBC-CTS to be compatible with RFC 2040
    - updated SEAL to version 3.0 of the cipher specification
    - optimized multiprecision squaring and elliptic curves over GF(p)
    - fixed bug in MARS key setup
    - fixed bug with attaching objects to Deflator
 3.2 - added DES-XEX3, ECDSA, DefaultEncryptorWithMAC
    - renamed DES-EDE to DES-EDE2 and TripleDES to DES-EDE3
    - optimized ARC4
    - generalized DSA to allow keys longer than 1024 bits
    - fixed bugs in GF2N and ModularArithmetic that can cause calculation errors
    - fixed crashing bug in Inflator when given invalid inputs
    - fixed endian bug in Serpent
    - fixed padding bug in Tiger
 4.0 - added Skipjack, CAST-256, Panama, SHA-2 (SHA-256, SHA-384, and SHA-512),
      and XTR-DH
    - added a faster variant of Rabin's Information Dispersal Algorithm (IDA)
    - added class wrappers for these operating system features:
      - high resolution timers on Windows, Unix, and MacOS
      - Berkeley and Windows style sockets
      - Windows named pipes
      - /dev/random and /dev/urandom on Linux and FreeBSD
      - Microsoft's CryptGenRandom on Windows
    - added support for SEC 1 elliptic curve key format and compressed points
    - added support for X.509 public key format (subjectPublicKeyInfo) for
      RSA, DSA, and elliptic curve schemes
    - added support for DER and OpenPGP signature format for DSA
    - added support for ZLIB compressed data format (RFC 1950)
    - changed elliptic curve encryption to use ECIES (as defined in SEC 1)
    - changed MARS key schedule to reflect the latest specification
    - changed BufferedTransformation interface to support multiple channels
      and messages
    - changed CAST and SHA-1 implementations to use public domain source code
    - fixed bug in StringSource
    - optmized multi-precision integer code for better performance
 4.1 - added more support for the recommended elliptic curve parameters in SEC 2
    - added Panama MAC, MARC4
    - added IV stealing feature to CTS mode
    - added support for PKCS #8 private key format for RSA, DSA, and elliptic
      curve schemes
    - changed Deflate, MD5, Rijndael, and Twofish to use public domain code
    - fixed a bug with flushing compressed streams
    - fixed a bug with decompressing stored blocks
    - fixed a bug with EC point decompression using non-trinomial basis
    - fixed a bug in NetworkSource::GeneralPump()
    - fixed a performance issue with EC over GF(p) decryption
    - fixed syntax to allow GCC to compile without -fpermissive
    - relaxed some restrictions in the license
 4.2 - added support for longer HMAC keys
    - added MD4 (which is not secure so use for compatibility purposes only)
    - added compatibility fixes/workarounds for STLport 4.5, GCC 3.0.2,
      and MSVC 7.0
    - changed MD2 to use public domain code
    - fixed a bug with decompressing multiple messages with the same object
    - fixed a bug in CBC-MAC with MACing multiple messages with the same object
    - fixed a bug in RC5 and RC6 with zero-length keys
    - fixed a bug in Adler32 where incorrect checksum may be generated
 5.0 - added ESIGN, DLIES, WAKE-OFB, PBKDF1 and PBKDF2 from PKCS #5
    - added key validation for encryption and signature public/private keys
    - renamed StreamCipher interface to SymmetricCipher, which is now implemented
      by both stream ciphers and block cipher modes including ECB and CBC
    - added keying interfaces to support resetting of keys and IVs without
      having to destroy and recreate objects
    - changed filter interface to support non-blocking input/output
    - changed SocketSource and SocketSink to use overlapped I/O on Microsoft Windows
    - grouped related classes inside structs to help templates, for example
      AESEncryption and AESDecryption are now AES::Encryption and AES::Decryption
    - where possible, typedefs have been added to improve backwards
      compatibility when the CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY macro is defined
    - changed Serpent, HAVAL and IDEA to use public domain code
    - implemented SSE2 optimizations for Integer operations
    - fixed a bug in HMAC::TruncatedFinal()
    - fixed SKIPJACK byte ordering following NIST clarification dated 5/9/02
 5.01 - added known answer test for X9.17 RNG in FIPS 140 power-up self test
     - submitted to NIST/CSE, but not publicly released
 5.02 - changed EDC test to MAC integrity check using HMAC/SHA1
     - improved performance of integrity check
     - added blinding to defend against RSA timing attack
 5.03 - created DLL version of Crypto++ for FIPS 140-2 validation
     - fixed vulnerabilities in GetNextIV for CTR and OFB modes
 5.0.4 - Removed DES, SHA-256, SHA-384, SHA-512 from DLL
 5.1 - added PSS padding and changed PSSR to track IEEE P1363a draft standard
    - added blinding for RSA and Rabin to defend against timing attacks
      on decryption operations
    - changed signing and decryption APIs to support the above
    - changed WaitObjectContainer to allow waiting for more than 64
      objects at a time on Win32 platforms
    - fixed a bug in CBC and ECB modes with processing non-aligned data
    - fixed standard conformance bugs in DLIES (DHAES mode) and RW/EMSA2
      signature scheme (these fixes are not backwards compatible)
    - fixed a number of compiler warnings, minor bugs, and portability problems
    - removed Sapphire
 5.2 - merged in changes for 5.01 - 5.0.4
    - added support for using encoding parameters and key derivation parameters
      with public key encryption (implemented by OAEP and DL/ECIES)
    - added Camellia, SHACAL-2, Two-Track-MAC, Whirlpool, RIPEMD-320,
      RIPEMD-128, RIPEMD-256, Base-32 coding, FIPS variant of CFB mode
    - added ThreadUserTimer for timing thread CPU usage
    - added option for password-based key derivation functions
      to iterate until a mimimum elapsed thread CPU time is reached
    - added option (on by default) for DEFLATE compression to detect
      uncompressible files and process them more quickly
    - improved compatibility and performance on 64-bit platforms,
      including Alpha, IA-64, x86-64, PPC64, Sparc64, and MIPS64
    - fixed ONE_AND_ZEROS_PADDING to use 0x80 instead 0x01 as padding.
    - fixed encoding/decoding of PKCS #8 privateKeyInfo to properly
      handle optional attributes
 5.2.1 - fixed bug in the "dlltest" DLL testing program
      - fixed compiling with STLport using VC .NET
      - fixed compiling with -fPIC using GCC
      - fixed compiling with -msse2 on systems without memalign()
      - fixed inability to instantiate PanamaMAC
      - fixed problems with inline documentation
 5.2.2 - added SHA-224
      - put SHA-256, SHA-384, SHA-512, RSASSA-PSS into DLL
 5.2.3 - fixed issues with FIPS algorithm test vectors
      - put RSASSA-ISO into DLL
 5.3 - ported to MSVC 2005 with support for x86-64
    - added defense against AES timing attacks, and more AES test vectors
    - changed StaticAlgorithmName() of Rijndael to "AES", CTR to "CTR"
 5.4 - added Salsa20
    - updated Whirlpool to version 3.0
    - ported to GCC 4.1, Sun C++ 5.8, and Borland C++Builder 2006
 5.5 - added VMAC and Sosemanuk (with x86-64 and SSE2 assembly)
    - improved speed of integer arithmetic, AES, SHA-512, Tiger, Salsa20,
      Whirlpool, and PANAMA cipher using assembly (x86-64, MMX, SSE2)
    - optimized Camellia and added defense against timing attacks
    - updated benchmarks code to show cycles per byte and to time key/IV setup
    - started using OpenMP for increased multi-core speed
    - enabled GCC optimization flags by default in GNUmakefile
    - added blinding and computational error checking for RW signing
    - changed RandomPool, X917RNG, GetNextIV, DSA/NR/ECDSA/ECNR to reduce
      the risk of reusing random numbers and IVs after virtual machine state
      rollback
    - changed default FIPS mode RNG from AutoSeededX917RNG<DES_EDE3> to
      AutoSeededX917RNG<AES>
    - fixed PANAMA cipher interface to accept 256-bit key and 256-bit IV
    - moved MD2, MD4, MD5, PanamaHash, ARC4, WAKE_CFB into the namespace "Weak"
    - removed HAVAL, MD5-MAC, XMAC
 5.5.1 - fixed VMAC validation failure on 32-bit big-endian machines
 5.5.2 - ported x64 assembly language code for AES, Salsa20, Sosemanuk, and Panama
        to MSVC 2005 (using MASM since MSVC doesn't support inline assembly on x64)
      - fixed Salsa20 initialization crash on non-SSE2 machines
      - fixed Whirlpool crash on Pentium 2 machines
      - fixed possible branch prediction analysis (BPA) vulnerability in
        MontgomeryReduce(), which may affect security of RSA, RW, LUC
      - fixed link error with MSVC 2003 when using "debug DLL" form of runtime library
      - fixed crash in SSE2_Add on P4 machines when compiled with
        MSVC 6.0 SP5 with Processor Pack
      - ported to MSVC 2008, GCC 4.2, Sun CC 5.9, Intel C++ Compiler 10.0,
        and Borland C++Builder 2007
 5.6.0 - added AuthenticatedSymmetricCipher interface class and Filter wrappers
      - added CCM, GCM (with SSE2 assembly), EAX, CMAC, XSalsa20, and SEED
      - added support for variable length IVs
      - added OIDs for Brainpool elliptic curve parameters
      - improved AES and SHA-256 speed on x86 and x64
      - changed BlockTransformation interface to no longer assume data alignment
      - fixed incorrect VMAC computation on message lengths
        that are >64 mod 128 (x86 assembly version is not affected)
      - fixed compiler error in vmac.cpp on x86 with GCC -fPIC
      - fixed run-time validation error on x86-64 with GCC 4.3.2 -O2
      - fixed HashFilter bug when putMessage=true
      - fixed AES-CTR data alignment bug that causes incorrect encryption on ARM
      - removed WORD64_AVAILABLE; compiler support for 64-bit int is now required
      - ported to GCC 4.3, C++Builder 2009, Sun CC 5.10, Intel C++ Compiler 11
 5.6.1 - added support for AES-NI and CLMUL instruction sets in AES and GMAC/GCM
      - removed WAKE-CFB
      - fixed several bugs in the SHA-256 x86/x64 assembly code:
          * incorrect hash on non-SSE2 x86 machines on non-aligned input
          * incorrect hash on x86 machines when input crosses 0x80000000
          * incorrect hash on x64 when compiled with GCC with optimizations enabled
      - fixed bugs in AES x86 and x64 assembly causing crashes in some MSVC build configurations
      - switched to a public domain implementation of MARS
      - ported to MSVC 2010, GCC 4.5.1, Sun Studio 12u1, C++Builder 2010, Intel C++ Compiler 11.1
      - renamed the MSVC DLL project to "cryptopp" for compatibility with MSVC 2010
 5.6.2 - changed license to Boost Software License 1.0
      - added SHA-3 (Keccak)
      - updated DSA to FIPS 186-3 (see DSA2 class)
      - fixed Blowfish minimum keylength to be 4 bytes (32 bits)
      - fixed Salsa validation failure when compiling with GCC 4.6
      - fixed infinite recursion when on x64, assembly disabled, and no AESNI
      - ported to MSVC 2012, GCC 4.7, Clang 3.2, Solaris Studio 12.3, Intel C++ Compiler 13.0
 5.6.3 - maintenance release, honored API/ABI/Versioning requirements
      - expanded processes to include community and its input
          * 12 unique contributors for this release
      - fixed CVE-2015-2141
      - cleared most Undefined Behavior Sanitizer (UBsan) findings
      - cleared all Address Sanitizer (Asan) findings
      - cleared all Valgrind findings
      - cleared all Coverity findings
      - cleared all Enterprise Analysis (/analyze) findings
      - cleared most GCC warnings with -Wall
      - cleared most Clang warnings with -Wall
      - cleared most MSVC warnings with /W4
      - added -fPIC 64-bit builds. Off by default for i386
      - added HKDF class from RFC 5868
      - switched to member_ptr due to C++ 11 warnings for auto_ptr
      - initialization of C++ static objects, off by default
          * GCC and init_priotirty/constructor attributes
          * MSVC and init_seg(lib)
          * CRYPTOPP_INIT_PRIORITY disabled by default, but available
      - improved OS X support
      - improved GNUmakefile support for Testing and QA
      - added self tests for additional Testing and QA
      - added cryptest.sh for systematic Testing and QA
      - added GNU Gold linker support
      - added Visual Studio 2010 solution and project files in vs2010.zip
      - added Clang integrated assembler support
      - unconditionally define CRYPTOPP_NO_UNALIGNED_DATA_ACCESS for Makefile
        target 'ubsan' and at -O3 due to GCC vectorization on x86 and x86_64
      - workaround ARMEL/GCC 5.2 bug and failed self test
      - fixed crash in MQV due to GCC 4.9+ and inlining
      - fixed hang in SHA due to GCC 4.9+ and inlining
      - fixed missing rdtables::Te under VS with ALIGNED_DATA_ACCESS
      - fixed S/390 and big endian feature detection
      - fixed S/390 and int128_t/uint128_t detection
      - fixed X32 (ILP32) feature detection
      - removed  _CRT_SECURE_NO_DEPRECATE for Microsoft platforms
      - utilized bound checking interfaces from ISO/IEC TR 24772 when available
      - improved ARM, ARM64, MIPS, MIPS64, S/390 and X32 (ILP32) support
      - introduced CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY_562
      - added additional Doxygen-based documentation
      - ported to MSVC 2015, Xcode 7.2, GCC 5.2, Clang 3.7, Intel C++ 16.00
 5.6.4 - maintenance release, honored API/ABI/Versioning requirements
      - expanded community input and support
-          * 22 unique contributors for this release
+        * 56 unique contributors as of this release
-      - fixed CVE-2016-3995
+      - use PowerPC unaligned loads and stores with Power8
-      - changed SHA3 to FIPS 202 (F1600, XOF d=0x06)
+      - add SKIPJACK test vectors
-      - added Keccak (F1600, XOF d=0x01)
+      - fix SHAKE-128 and SHAKE-256 compile
-      - added ChaCha (ChaCha8/12/20)
+      - removed IS_NEON from Makefile
-      - added HMQV and FHMQV
+      - fix Aarch64 build on Fedora 29
-          * Hashed and Fully Hashed MQV
+      - fix missing GF2NT_233_Multiply_Reduce_CLMUL in FIPS DLL
-      - added BLAKE2 (BLAKE2s and BLAKE2b)
+      - add missing BLAKE2 constructors
-          * C++, SSE2, SSE4, ARM NEON and ARMv8 ASIMD
+      - fix missing BlockSize() in BLAKE2 classes
      - added CRC32-C
          * C/C++, Amd64 CRC, and ARMv8 CRC
      - improved Rabin-William signatures
          * Tweaked roots <em>e</em> and <em>f</em>
      - improved C++11 support
          * atomics, threads and fences
          * alginof, alignas
          * constexpr
          * noexcept
      - improved GCM mode
          * ARM NEON and ARMv8 ASIMD
          * ARMv8 carry-less multiply
      - improved Windows 8 and 10 support
          * Windows Phone, Universal Windows Platform, Windows Store
      - improved MIPS, ARMv7 and ARMv8 support
          * added scripts setenv-{android|embedded|ios}.sh for GNUmakefile-cross
          * aggressive use of -march=<arch> and -mfpu=<fpu> in cryptest.sh
      - improved build systems
          * Visual Studio 2010 default
          * added CMake support (lacks FindCryptopp.cmake)
          * archived VC++ 5/0/6.0 project files (vc60.zip)
          * archived VS2005 project files (vs2005.zip)
          * archived Borland project files (bds10.zip)
      - improved Testing and QA
          * expanded platforms and compilers
          * added code generation tests based on CPU features
          * added C++03, C++11, C++14, C++17 testing
          * added -O3, -O5, -Ofast and -Os testing
      - ported to MSVC 2015 SP3, Xcode 9.0, Sun Studio 12.5, GCC 7.0, MacPorts GCC 7.0, Clang 3.8, Intel C++ 17.00
-Written by Wei Dai and the Crypto++ Project
+8.1.0 - February 22, 2019
      - minor release, no recompile of programs required
      - expanded community input and support
        * 56 unique contributors as of this release
      - fix OS X PowerPC builds with Clang
      - add Microsoft ARM64 support
      - fix iPhone Simulator build due to missing symbols
      - add CRYPTOPP_BUGGY_SIMD_LOAD_AND_STORE
      - add carryless multiplies for NIST b233 and k233 curves
      - fix OpenMP build due to use of OpenMP 4 with down-level compilers
      - add SignStream and VerifyStream for ed25519 and large files
      - fix missing AlgorithmProvider in PanamaHash
      - add SHAKE-128 and SHAKE-256
      - fix AVX2 build due to _mm256_broadcastsi128_si256
      - add IETF ChaCha, XChaCha, ChaChaPoly1305 and XChaChaPoly1305
 8.0.0 - December 28, 2018
      - major release, recompile of programs required
      - expanded community input and support
         * 54 unique contributors as of this release
      - add x25519 key exchange and ed25519 signature scheme
      - add limited Asymmetric Key Package support from RFC 5958
      - add Power9 DARN random number generator support
      - add CHAM, HC-128, HC-256, Hight, LEA, Rabbit, Simeck
      - fix FixedSizeAllocatorWithCleanup may be unaligned on some platforms
      - cutover to GNU Make-based cpu feature tests
      - rename files with dashes to underscores
      - fix LegacyDecryptor and LegacyDecryptorWithMAC use wrong MAC
      - fix incorrect AES/CBC decryption on Windows
      - avoid Singleton<T> when possible, avoid std::call_once completely
      - fix SPARC alignment problems due to GetAlignmentOf<T>() on word64
      - add ARM AES asm implementation from Cryptogams
      - remove CRYPTOPP_ALLOW_UNALIGNED_DATA_ACCESS support
 7.0.0 - April 8, 2018
      - major release, recompile of programs required
      - expanded community input and support
         * 48 unique contributors as of this release
      - fix incorrect result when using Integer::ModInverse
         * may be CVE worthy, but request was not submitted
      - fix ARIA/CTR bus error on Sparc64
      - fix incorrect result when using a_exp_b_mod_c
      - fix undeclared identifier uint32_t on early Visual Studio
      - fix iPhoneSimulator build on i386
      - fix incorrect adler32 in ZlibDecompressor
      - fix Power7 test using PPC_FEATURE_ARCH_2_06
      - workaround incorrect Glibc sysconf return value on ppc64-le
      - add KeyDerivationFunction interface
      - add scrypt key derivation function
      - add Salsa20_Core transform callable from outside class
      - add sbyte, sword16, sword32 and sword64
      - remove s_nullNameValuePairs from unnamed namespace
      - ported to MSVC 2017, Xcode 9.3, Sun Studio 12.5, GCC 8.0.1,
        MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1
 6.1.0 - February 22, 2018
      - minor release, maintenance items
      - expanded community input and support
         * 46 unique contributors as of this release
      - use 2048-bit modulus default for DSA
      - fix build under Linuxbrew
      - use /bin/sh in GNUmakefile
      - fix missing flags for SIMON and SPECK in GNUMakefile-cross
      - fix ARM and MinGW misdetection
      - port setenv-android.sh to latest NDK
      - fix Clang check for C++11 lambdas
      - Simon and Speck to little-endian implementation
      - use LIB_MAJOR for ABI compatibility
      - fix ODR violation in AdvancedProcessBlocks_{ARCH} templates
      - handle C++17 std::uncaught_exceptions
      - ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 8.0.1,
        MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1
 6.0.0 - January 22, 2018
      - major release, recompile of programs required
      - expanded community input and support
         * 43 unique contributors as of this release
      - fixed CVE-2016-9939 (Issue 346, transient DoS)
      - fixed CVE-2017-9434 (Issue 414, misidentified memory error)
      - converted to BASE+SIMD implementation
         * BASE provides an architecture neutral C++ implementation
         * SIMD provides architecture specific hardware acceleration
      - improved PowerPC Power4, Power7 and Power8 support
      - added ARIA, EC German DSA, Deterministic signatures (RFC 6979),
        Kalyna, NIST Hash and HMAC DRBG, Padlock RNG, Poly1305, SipHash,
        Simon, Speck, SM3, SM4, Threefish algorithms
      - added NaCl interface from the compact library
         * x25519 key exhange and ed25519 signing provided through NaCl interface
      - improved Testing and QA
      - ported to MSVC 2017, Xcode 8.1, Sun Studio 12.5, GCC 7.3,
        MacPorts GCC 7.0, Clang 4.0, Intel C++ 17.00, IBM XL C/C++ 13.1
 June 2015 - Changing of the guard. Wei Dai turned the library over to the
        community. The first community release was Crypto++ 5.6.3. Wei is
        no longer involved with the daily operations of the project. Wei
        still provides guidance when we have questions.
 Originally written by Wei Dai, maintained by the Crypto++ Project
--- a/TestData/aria.dat
+++ b/TestData/aria.dat
@ -0,0 +1,45 @@
 0123456789ABCDEFFEDCBA9876543210 0123456789ABCDEFFEDCBA9876543210 7DC1917AE0D38FAE8D4A7D1959AEF27C
 80000000000000000000000000000000 00000000000000000000000000000000 4ABA3055788204D82F4539D81BC9384B
 00000000000000000000000000000001 00000000000000000000000000000000 5FA57C3B2E71144C3E5E1E9BE4F0FE7E
 00000000000000000000000000000000 80000000000000000000000000000000 92E51E737DABB6BFD0EABC8D32224F77
 00000000000000000000000000000000 00000000000000000000000000000001 B426E1A441F6DBFC2B2D2412D0066D20
 00000000000000000000000000000000 00000000000000000000000000000000 4B40A63C7F0171EE3CDDA4363FBFAE75
 01010101010101010101010101010101 01010101010101010101010101010101 CCE5D964A71D7A5E93986BCA572BB050
 02020202020202020202020202020202 02020202020202020202020202020202 A04100328F459F6AAE8EBAB3B5FE90A8
 04040404040404040404040404040404 04040404040404040404040404040404 BFE5C38FE204ADC614A321786CDCA08E
 08080808080808080808080808080808 08080808080808080808080808080808 95A3371D4879057FAEB2E573CCE8A7F5
 10101010101010101010101010101010 10101010101010101010101010101010 80AF7861CA5855FBED523345D36619EC
 20202020202020202020202020202020 20202020202020202020202020202020 82E9D82550AECD0E0BB1B63E4B30CEC3
 40404040404040404040404040404040 40404040404040404040404040404040 C80C04BA36ED0DA52B3E6CB430617FAC
 80808080808080808080808080808080 80808080808080808080808080808080 41305D0632AC493419B04F3BCDBA6AE4
 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF B99D80EF798362ACEB9E960AAE7EECC2
 0123456789ABCDEFFEDCBA98765432100011223344556677 0123456789ABCDEFFEDCBA9876543210 6DC2DBDAC3C563E522F5A75942B8AFAC
 800000000000000000000000000000000000000000000000 00000000000000000000000000000000 F9BA9C6E7E3C86FAE4BEB607F387548E
 000000000000000000000000000000000000000000000001 00000000000000000000000000000000 5BC2C08F01C0CDC2F983073CBE9194D2
 000000000000000000000000000000000000000000000000 80000000000000000000000000000000 AE56BF59874ED4DBD7B905878894ADEE
 000000000000000000000000000000000000000000000000 00000000000000000000000000000001 D53236B0CDE20C26F57675A7405A9F98
 000000000000000000000000000000000000000000000000 00000000000000000000000000000000 D5526B5E6A1E3DF23AD8ECAF20F281D0
 010101010101010101010101010101010101010101010101 01010101010101010101010101010101 6E4C91AB71707075F375FFB7B3D27328
 020202020202020202020202020202020202020202020202 02020202020202020202020202020202 D686D2A6F3BBBC5E703528FD4B1DBA8F
 040404040404040404040404040404040404040404040404 04040404040404040404040404040404 ADE1730DA6F15693FD9F063DFC8EC4D1
 080808080808080808080808080808080808080808080808 08080808080808080808080808080808 6A3FCA9070151FF14142B1700BE075EB
 101010101010101010101010101010101010101010101010 10101010101010101010101010101010 773EC2820CCD29CA650DEA05E04CEB80
 202020202020202020202020202020202020202020202020 20202020202020202020202020202020 531A8B8F5F1228E16B57E5365A1FB02B
 404040404040404040404040404040404040404040404040 40404040404040404040404040404040 C0166DB2A70DF611921E7F0AB0E0F15D
 808080808080808080808080808080808080808080808080 80808080808080808080808080808080 70F3361D505A220B1C2328EBE32ED731
 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF F275975CCC163ED53AA0510443239638
 0123456789ABCDEFFEDCBA987654321000112233445566778899AABBCCDDEEFF 0123456789ABCDEFFEDCBA9876543210 2F4792014AE2D9B812ADBAC663DC762B
 8000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000 9250C9771F5A5A8612400AA917491263
 0000000000000000000000000000000000000000000000000000000000000001 00000000000000000000000000000000 1A6AED07EC57E4373E988BFBB396406F
 0000000000000000000000000000000000000000000000000000000000000000 80000000000000000000000000000000 209ACF63CE6DFB56B1F9821DDBFE86E3
 0000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000001 678FFFFDCE3177605F9320FEC4D30B5E
 0000000000000000000000000000000000000000000000000000000000000000 00000000000000000000000000000000 C20857DD9106DDDE286EC59FA98D77CC
 0101010101010101010101010101010101010101010101010101010101010101 01010101010101010101010101010101 15C28D4EC27D8BEDDD8E6B3745A9A261
 0202020202020202020202020202020202020202020202020202020202020202 02020202020202020202020202020202 5279DA1773C078835D506B25FED6513E
 0404040404040404040404040404040404040404040404040404040404040404 04040404040404040404040404040404 7AED38F56F62FC75F7DB88F7E59D0B02
 0808080808080808080808080808080808080808080808080808080808080808 08080808080808080808080808080808 6EB3C2BC1AC20926E860E688786DB872
 1010101010101010101010101010101010101010101010101010101010101010 10101010101010101010101010101010 54A8718B4DD1A03B1A4ED06C30B9E6AB
 2020202020202020202020202020202020202020202020202020202020202020 20202020202020202020202020202020 A876FA5538F926B373702DABF33025B6
 4040404040404040404040404040404040404040404040404040404040404040 40404040404040404040404040404040 B71AB43F56E09592E69E315E7CD06E8A
 8080808080808080808080808080808080808080808080808080808080808080 80808080808080808080808080808080 E975FB1435D92A0CF3E1A2487774D699
 FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 6C833E3962286C0DE0395446ED30F646
--- a/TestData/defdmac1.bin
+++ b/TestData/defdmac1.bin
@ -0,0 +1 @@
 nCBţpIbź_¤_ĺ|źâ+"w˙¶¶†Ž˝í#Aýíż‡„nŢmÖéŠČ‡ű%±––kXřťąRňłüw`Ză‘^s.+ÚÚµ<C39A>ř„Š`ŠÝBf]zó•}¦R`}\ŘdiśbfttÉ^ř˛
--- a/TestData/defdmac2.bin
+++ b/TestData/defdmac2.bin
--- a/TestData/ecies_p160.dat
+++ b/TestData/ecies_p160.dat
@ -0,0 +1 @@
 3081C80201003081A406072A8648CE3D0201308198020101302006072A8648CE3D0101021500FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF302C0414FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC04141C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA450429044A96B5688EF573284664698968C38BB913CBFC8223A628553168947D59DCC912042351377AC5FB3202150100000000000000000001F4C8F927AED3CA752257020101041C301A02010104150023A68821ABB99DBB8429ED2320D61A8EA4C6D81B
--- a/TestData/ecies_t163.dat
+++ b/TestData/ecies_t163.dat
@ -0,0 +1 @@
 3081D10201003081AD06072A8648CE3D02013081A1020101302506072A8648CE3D0102301A020200A306092A8648CE3D010203033009020103020106020107302E041507B6882CAAEFA84F9554FF8428BD88E246D2782AE204150713612DCDDCB40AAB946BDA29CA91F73AF958AFD9042B040369979697AB43897789566789567F787A7876A65400435EDB42EFAFB2989D51FEFCE3C80988F41FF883021503FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B020102041C301A02010104150003693AB4D83EE8B544548BE7647AEA0EA64E8211
--- a/TestData/ed25519.dat
+++ b/TestData/ed25519.dat
@ -0,0 +1 @@
 302E020100300506032B65700422042098C59D3F097FB23D44BA90791281B453258D691A55AF5CE4F1EE712FDF91AE6D
--- a/TestData/ed25519v0.dat
+++ b/TestData/ed25519v0.dat
@ -0,0 +1 @@
 302E020100300506032B65700422042030BF776A497D7F1E0E26AC4FB03F5BE7E187DDFEFB914CD292A6FEDB7F70CE6B
--- a/TestData/ed25519v1.dat
+++ b/TestData/ed25519v1.dat
@ -0,0 +1 @@
 3053020101300506032B6570042204206861FD53C7643DABDCDF4C3969CE44A156BAC261242A5AAEC140EDE510071C6CA12303210029CF90E6C1CF1ADC7105720303B2EE303412D2B682C6FEEF3D8736A286B2E27F
--- a/TestData/elgc1024.dat
+++ b/TestData/elgc1024.dat
@ -1 +1 @@
-3082018E028181008B333697371663F8869E3EC80A414E46BBAFE41F6D40E754A01ADA60FE7D12ACD16DE311C4115293114F6B92A54195909276380F04BCD4ED5CD993ED7F516DF7A752B928E5035E0D3A1A979A1CDE8387734338793C02001D59B662D4FC8F2BF0EABB1F553F9F46F57E74BCABCBA4E458812DB601FCD04609D435317181236B9702010202818038FBC56751763146BC107ECC59E9BAD3852EBC38799B41B40EF5745810BCF9DCC6D569B7E61063EA358B0DF2A194910029B72A9CFD11AD240681D3F976EDCB18D79C0530AB2944DC1E314C2B520BE23066C802754C19BF2EC15DE0439E2663383CEA5163DC857B6A5F91079F54FB47C9B33F23A9EB6B3FCBA8581524B3EC5C75028181008B333697371663F8869E3EC80A414E46BBAFE41F6D40E754A01ADA60FE7D12ACD16DE311C4115293114F6B92A54195909276380F04BCD4ED5CD993ED7F516DF7A752B928E5035E0D3A1A979A1CDE8387734338793C02001D59B662D4FC8F2BF0EABB1F553F9F46F57E74BC7F3EC6725F2FC0A6155ADCA43CEE7319E623824852
+308201360201003082011606062B0E070201013082010A02818100D18892CC35AD9E532C53810019E525CDE08882E6344D6787C366B171D68948F53D74F7923B148E0A0B4C9B956D695384DE24AC3034000B3C4AD4C8226470BBD88B5B053BCCB01E608B1352D6ED16324745253BDB204308E065368CB9D75ACDB290E671BD4CA1608500BFACD758E6E9EFAC8CCBAD83BE7E397A62E4F55634FC3B02818068C449661AD6CF299629C0800CF292E6F04441731A26B3C3E1B358B8EB44A47A9EBA7BC91D8A470505A64DCAB6B4A9C26F1256181A00059E256A641132385DEC45AD829DE6580F304589A96B768B1923A2929DED90218470329B465CEBAD66D9487338DEA650B042805FD66BAC7374F7D64665D6C1DF3F1CBD31727AAB1A7E1D0201030417021504ED7AED68B1A5EFDE11262210D9F1121D4A119CE8
--- a/TestData/rsa2048a.dat
+++ b/TestData/rsa2048a.dat
@ -0,0 +1,77 @@
 30 82 04 bd 02 01 00 30 0d 06 09 2a 86 48 86 f7
 0d 01 01 01 05 00 04 82 04 a7 30 82 04 a3 02 01
 00 02 82 01 01 00 d2 54 95 37 95 5e 3b f5 1e f0
 29 dc d3 c7 b7 08 e8 a2 fe 84 ed 16 52 c9 cf 06
 73 6b 1b 6d 5b 31 50 21 77 af d6 f9 bf ea 2a c3
 ca 7d 52 58 f8 8d 12 bb c1 01 ac 19 7a 33 de 9e
 52 91 a4 94 65 04 cb 34 dd 3b 5b 7b db c8 5e 1a
 b4 91 48 c2 a1 fd 9e 10 9d a6 df 9f 63 70 e9 3c
 ff fc 71 7b dc 08 97 00 64 8c ed 5a 78 ce 56 38
 ee 0a 36 0d 4a 9f 3a b7 7f ea 38 9d 83 cd 4a fa
 2c 92 fd ae 68 74 7d 25 4b 26 65 97 cc 21 43 ae
 ec 6d 5b 90 ec ec 45 de fb f1 7e c3 58 95 a2 e7
 e3 16 82 a4 a9 0b 77 05 7c d6 cd b8 95 d1 27 b5
 db c5 33 63 f1 92 1c 3f 25 82 bf d1 8a 89 c4 65
 c0 e9 07 e5 ba 17 b5 36 30 d7 a7 1c f3 bf 16 00
 76 99 f1 d9 7c db 2b 52 ca c6 22 6d d6 ba 7f 16
 27 f0 c1 ee 3f 8d ad 4a 69 48 41 57 8d 57 0e a8
 a4 bb c6 3c 41 5d 7e 42 49 3b 3b 8d b5 b0 88 f3
 2d 50 1b ec 0e ff 02 03 01 00 01 02 82 01 01 00
 89 11 50 10 e2 09 80 3f 54 c3 24 34 e1 da d4 00
 3d 43 03 64 f2 f0 ca 50 f3 d6 7b 5f 00 87 ba 97
 1f 66 40 0e 5a a5 75 99 0f f7 7a 3d 43 6d f1 c4
 55 c1 ff 9c ac 60 0a 10 45 72 9d d2 86 13 a2 e5
 85 db d4 94 bb 20 b3 71 17 4a 86 03 ec 0b d2 ef
 69 93 e0 79 80 5f e9 b9 0a 76 93 48 1b 58 a1 63
 03 ac e0 da 2a 4f fc 4c 53 4a 54 6e 59 1d 3e 55
 18 39 bf 65 8f 31 af 54 19 19 81 f4 e4 d7 44 ff
 fe 73 2b 57 28 4b 2f 43 53 81 d2 b1 e0 ad a4 88
 b2 11 ae d3 3a 7f e6 de c4 41 bb 22 07 1a 15 a7
 c0 d6 b2 69 4d 01 c8 21 aa b8 9a 3b 3a ad 49 8d
 ae 53 b3 8c b4 7f 2a 23 f4 0c 73 53 4f 2f c5 d5
 1d 22 68 6a b9 31 0a 9c ba 79 59 12 e9 59 d4 1e
 80 7a 2d 45 63 a1 89 2f 27 72 39 60 a3 5f 3e ef
 26 47 63 42 ce 40 db 4d 26 01 ca 5e 00 5c 96 ef
 77 48 7f 1d 09 45 99 d2 bb c2 ed d3 11 37 a1 91
 02 81 81 00 f0 35 21 ff d4 d1 8f 13 ed bf 5f 87
 43 37 31 25 03 fe bf be b7 81 da d1 d3 d5 36 e6
 35 3d b5 77 eb 8e 86 73 12 e5 4a e7 0d a4 d4 66
 7d df 44 bc 2f cb b4 71 65 bd 00 bc 29 2a 08 4f
 35 78 31 59 98 56 e0 db 36 89 0a ca 0b ca 6c 94
 07 de c9 a4 b4 18 a4 bf 92 92 78 c7 c1 69 da 18
 80 ea e3 7c 9a 72 35 1c b3 6e a4 1d ab 5f ae 91
 af a0 c9 0f 85 b8 b8 a9 c6 55 39 6e 91 75 c2 0f
 8d 04 bf 79 02 81 81 00 e0 28 98 94 00 4a aa f1
 a9 9b 17 cd 00 74 81 f6 b3 df e1 d3 98 ca 05 86
 b2 e1 42 e4 81 92 df 10 cf c0 92 ec 9d 0b e1 b4
 43 9d 9d 14 13 e1 29 78 5c f9 99 ee cb bf 09 09
 c7 90 18 dd e6 3c db 38 b2 85 cf db 3f 3d fc 85
 ed 78 1a 31 89 41 3c 39 0b ab fa 23 c8 95 c6 f2
 a8 c1 ee 82 99 b6 bc 5e ea c6 ee 83 18 2a 27 29
 22 d7 e3 34 da f1 e8 8c 82 f0 b5 3f a4 8b be 01
 23 37 f3 4b 10 c7 4c 37 02 81 80 4c 18 e9 0e 7d
 43 6e 4a 67 f5 4a b4 35 4d 14 da 9f 2b 63 5f 6e
 0f 4b 5d 51 f8 a8 0d c2 2c 2c 83 33 32 d1 d1 3e
 d9 39 23 7d a5 0c 4c f3 ef 79 7d 0c bf 42 08 f2
 ac 2f c1 6c 61 0e 84 d9 71 9c 60 bf ec 36 0b fc
 78 e9 dc 1c 64 22 85 bb 00 8f 6d 08 49 0e 58 4a
 7c f0 9a 87 e1 9a e0 4c 67 1d 6e 6a 17 68 50 11
 60 29 c9 e4 72 c9 81 09 dc ac 15 a8 cd 5e 63 1a
 9c 01 37 d0 09 38 53 68 df 6a 31 02 81 80 4d 90
 fe ab 48 26 8e 5c ad 8a 03 84 66 c1 ea 2f 0a 33
 50 9b bd e5 3a 60 50 09 ee f1 cf 7c 99 3f e2 04
 0b 53 61 4c b9 3f 7d 9e 4e ba a1 de 6a 51 42 2b
 04 ff 42 f5 ca 14 de 3f 98 bb 40 6e 92 95 5e 01
 3b d9 ec 5a 70 c5 8f 54 de 0b 82 29 56 c3 8e ac
 66 14 77 d6 8c 4f 6f e2 1b bc 89 a0 58 32 a8 1f
 4a 6d 86 b1 1f 77 f6 9c a9 fc a2 3e cf 6f bf e7
 b7 70 5c 6a 16 c7 a1 fe 3c 6c 1f 54 37 a5 02 81
 80 08 9d 30 ca da d1 af 53 16 e3 77 bf 9f 2b dd
 38 a8 20 f9 e5 57 fb 7a cc 4e c6 0d d5 03 22 9f
 f8 99 f5 61 69 88 3b 7b a7 c0 ca dd b2 1b b7 34
 0b 5d ed 9f 37 fb 02 7d ef 01 2d 29 1d 75 9a ba
 1a 5d 7b 77 47 e6 da b5 d7 a9 06 f2 61 5d 46 f9
 6d c3 81 de 8f 5d 08 ac a6 b6 b3 51 7a 97 08 36
 d3 d8 95 6b 08 e8 e3 10 24 61 67 97 c7 40 68 9e
 b7 84 09 14 3f 95 02 3f 75 8b 8e b1 2c 80 b3 5f
 03
--- a/TestData/x25519.dat
+++ b/TestData/x25519.dat
@ -0,0 +1 @@
 302E020100300506032B656E0422042030D407BB0CC97D0EC493BDB00A4A8EFA06A50D2388F5BA62947030E7D9873F49
--- a/TestData/x25519v0.dat
+++ b/TestData/x25519v0.dat
@ -0,0 +1 @@
 302E020100300506032B656E042204202818E54DE6B88EEF3E99E25042CB98E69373B222E4C1E8B3FB10AC9B26C1007B
--- a/TestData/x25519v1.dat
+++ b/TestData/x25519v1.dat
@ -0,0 +1 @@
 3053020101300506032B656E04220420A00FADD6D29BE764B851F64F7620E80B700DF65914BED31E486362281BB5D061A123032100E9AD4CC54DAA36F312D98B253854F0076E2BC26FCE5802B3AC79A5B59B3D2C4F
--- a/TestPrograms/dump2def.cxx
+++ b/TestPrograms/dump2def.cxx
@ -0,0 +1,214 @@
 // dump2def.cxx - Written and placed in public domain by Jeffrey Walton
 //                Create a module definitions file from a dumpbin file.
 //                dump2def can be used to create a list of exports from
 //                a static library. Then, the exports can used to build
 //                a dynamic link library with the same exports.
 //
 //    If you wish to compile this source file using cl.exe, then:
 //      cl.exe /DNDEBUG /Oi /Oy /O2 /Zi /TP /GR /EHsc /MT dump2def.cxx
 //
 //    The intended workflow in Crypto++ is:
 //
 //      1. Open a Developer Prompt
 //      2. CD to cryptopp/ directory
 //      3. nmake /f cryptest.nmake cryptopp.dll
 //
 //    The cryptopp.dll recipe first builds cryptlib.lib. Then it calls
 //    dumpbin.exe to export all symbols from cryptlib.lib and writes them
 //    to cryptopp.dump. The recipe then calls dump2def.exe to create a
 //    module definition file. Finally, the recipe builds cryptopp.dll
 //    using the module definition file cryptopp.def. The linker creates
 //    the import lib cryptopp.lib and export cryptopp.exp automatically.
 //
 //    This is only "half the problem solved" for those who wish to use
 //    a DLL. The program must import the import lib cryptopp.lib. Then
 //    the program must ensure the library headers export the symbol or
 //    class with CRYPTOPP_DLL. CRYPTOPP_DLL is only present on some classes
 //    because the FIPS module only allowed approved algorithms like AES and
 //    SHA. Other classes like Base64Encoder and HexEncoder lack CRYPTOPP_DLL.
 //
 //    CRYPTOPP_DLL simply adds declspec(dllimport) when CRYPTOPP_IMPORTS is
 //    defined. The limitation of requiring declspec(dllimport) is imposed by
 //    Microsoft. Microsoft does not allow a program to "import everything".
 //
 //    If you would like to read more about the FIPS module and the pain it
 //    causes then see https://www.cryptopp.com/wiki/FIPS_DLL. In fact we
 //    recommend you delete the CryptDll and DllTest projects from the
 //    Visual Studio solution file.
 #include <iostream>
 #include <fstream>
 #include <sstream>
 #include <string>
 #include <vector>
 #include <set>
 // Friendly name
 #define LIBRARY_DESC "Crypto++ Library"
 typedef std::set<std::string> SymbolMap;
 const int ErrorSuccess = 0;
 const int ErrorDumpExtension = 1;
 const int ErrorTooFewOpts = 2;
 const int ErrorTooManyOpts = 3;
 const int ErrorOpenInputFailed = 4;
 const int ErrorOpenOutputFailed = 5;
 const int ErrorReadException = 6;
 const int ErrorWriteException = 7;
 void PrintHelpAndExit(int code)
 {
 	std::cout << "dump2def - create a module definitions file from a dumpbin file" << std::endl;
 	std::cout << "           Written and placed in public domain by Jeffrey Walton" << std::endl;
 	std::cout << std::endl;
 	switch (code)
 	{
 		case ErrorDumpExtension:
 			std::cout << "Error: input file is missing \".dump\" extension.\n" << std::endl;
 			break;
 		case ErrorTooFewOpts:
 			std::cout << "Error: Too few options were supplied.\n" << std::endl;
 			break;
 		case ErrorTooManyOpts:
 			std::cout << "Error: Too many options were supplied.\n" << std::endl;
 			break;
 		case ErrorOpenInputFailed:
 			std::cout << "Error: Failed to open input file.\n" << std::endl;
 			break;
 		case ErrorOpenOutputFailed:
 			std::cout << "Error: Failed to open output file.\n" << std::endl;
 			break;
 		default:
 			;;
 	}
 	std::cout << "Usage: " << std::endl;
 	std::cout << "  dump2def <infile>" << std::endl;
 	std::cout << "    - Create a def file from <infile> and write it to a file with" << std::endl;
 	std::cout << "      the same name as <infile> but using the .def extension" << std::endl;
 	std::cout << "  dump2def <infile> <outfile>" << std::endl;
 	std::cout << "    - Create a def file from <infile> and write it to <outfile>" << std::endl;
 	std::exit((code == ErrorSuccess ? 0 : 1));
 }
 int main(int argc, char* argv[])
 {
 	// ******************** Handle Options ******************** //
 	// Convenience item
 	std::vector<std::string> opts;
 	for (size_t i=0; i<argc; ++i)
 		opts.push_back(argv[i]);
 	// Look for help
 	std::string opt = (opts.size() > 1 ? opts[1].substr(0,2) : "");
 	if (opt == "/h" || opt == "-h" || opt == "/?" || opt == "-?")
 		PrintHelpAndExit(ErrorSuccess);
 	// Add <outfile> as needed
 	if (opts.size() == 2)
 	{
 		std::string outfile = opts[1];
 		std::string::size_type pos = outfile.length() < 5 ? std::string::npos : outfile.length() - 5;
 		if (pos == std::string::npos || outfile.substr(pos) != ".dump")
 			PrintHelpAndExit(ErrorDumpExtension);
 		outfile.replace(pos, 5, ".def");
 		opts.push_back(outfile);
 	}
 	// Check or exit
 	if (opts.size() < 2)
 		PrintHelpAndExit(ErrorTooFewOpts);
 	if (opts.size() > 3)
 		PrintHelpAndExit(ErrorTooManyOpts);
 	// ******************** Read MAP file ******************** //
 	SymbolMap symbols;
 	try
 	{
 		std::ifstream infile(opts[1].c_str());
 		if (infile.is_open() == false)
 			PrintHelpAndExit(ErrorOpenInputFailed);
 		std::string::size_type pos;
 		std::string line;
 		// Find start of the symbol table
 		while (std::getline(infile, line))
 		{
 			pos = line.find("public symbols");
 			if (pos == std::string::npos) { continue; }
 			// Eat the whitespace after the table heading
 			infile >> std::ws;
 			break;
 		}
 		while (std::getline(infile, line))
 		{
 			// End of table
 			if (line.empty()) { break; }
 			std::istringstream iss(line);
 			std::string address, symbol;
 			iss >> address >> symbol;
 			symbols.insert(symbol);
 		}
 	}
 	catch (const std::exception& ex)
 	{
 		std::cerr << "Unexpected exception:" << std::endl;
 		std::cerr << ex.what() << std::endl;
 		std::cerr << std::endl;
 		PrintHelpAndExit(ErrorReadException);
 	}
 	// ******************** Write DEF file ******************** //
 	try
 	{
 		std::ofstream outfile(opts[2].c_str());
 		if (outfile.is_open() == false)
 			PrintHelpAndExit(ErrorOpenOutputFailed);
 		// Library name, cryptopp.dll
 		std::string name = opts[2];
 		std::string::size_type pos = name.find_last_of(".");
 		if (pos != std::string::npos)
 			name.erase(pos);
 		outfile << "LIBRARY " << name << std::endl;
 		outfile << "DESCRIPTION \"" << LIBRARY_DESC << "\"" << std::endl;
 		outfile << "EXPORTS" << std::endl;
 		outfile << std::endl;
 		outfile << "\t;; " << symbols.size() << " symbols" << std::endl;
 		// Symbols from our object files
 		SymbolMap::const_iterator it = symbols.begin();
 		for ( ; it != symbols.end(); ++it)
 			outfile << "\t" << *it << std::endl;
 	}
 	catch (const std::exception& ex)
 	{
 		std::cerr << "Unexpected exception:" << std::endl;
 		std::cerr << ex.what() << std::endl;
 		std::cerr << std::endl;
 		PrintHelpAndExit(ErrorWriteException);
 	}
 	return 0;
 }
--- a/TestPrograms/test_32bit.cxx
+++ b/TestPrograms/test_32bit.cxx
@ -0,0 +1,7 @@
 #include <cstddef>
 int main(int argc, char* argv[])
 {
 	enum {N = (sizeof(std::size_t) == 4 ? 4 : -1)};
 	int x[N];
 	return 0;
 }
--- a/TestPrograms/test_64bit.cxx
+++ b/TestPrograms/test_64bit.cxx
@ -0,0 +1,7 @@
 #include <cstddef>
 int main(int argc, char* argv[])
 {
 	enum {N = (sizeof(std::size_t) == 8 ? 8 : -1)};
 	int x[N];
 	return 0;
 }
--- a/TestPrograms/test_arm_acle.cxx
+++ b/TestPrograms/test_arm_acle.cxx
@ -0,0 +1,5 @@
 #include <arm_acle.h>
 int main(int argc, char* argv[])
 {
 	return 0;
 }
--- a/TestPrograms/test_arm_aes.cxx
+++ b/TestPrograms/test_arm_aes.cxx
@ -0,0 +1,19 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	uint8x16_t x={0};
 	x=vaeseq_u8(x,x);
 	x=vaesmcq_u8(x);
 	x=vaesdq_u8(x,x);
 	x=vaesimcq_u8(x);
 	return 0;
 }
--- a/TestPrograms/test_arm_asimd.cxx
+++ b/TestPrograms/test_arm_asimd.cxx
@ -0,0 +1,16 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	uint32x4_t x={0};
 	x=veorq_u32(x,x);
 	return 0;
 }
--- a/TestPrograms/test_arm_crc.cxx
+++ b/TestPrograms/test_arm_crc.cxx
@ -0,0 +1,23 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	uint32_t w=0xffffffff;
 	w = __crc32w(w,w);
 	w = __crc32h(w,w);
 	w = __crc32b(w,w);
 	w = __crc32cw(w,w);
 	w = __crc32ch(w,w);
 	w = __crc32cb(w,w);
 	return 0;
 }
--- a/TestPrograms/test_arm_neon.cxx
+++ b/TestPrograms/test_arm_neon.cxx
@ -0,0 +1,9 @@
 #include <arm_neon.h>
 #include <stdint.h>
 int main(int argc, char* argv[])
 {
 	uint32x4_t x={0};
 	x=veorq_u32(x,x);
 	return 0;
 }
--- a/TestPrograms/test_arm_pmull.cxx
+++ b/TestPrograms/test_arm_pmull.cxx
@ -0,0 +1,22 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	const poly64_t   a=0x60606060, b=0x90909090, c=0xb0b0b0b0;
 	const poly64x2_t d={0x60606060,0x90909090};
 	const poly8x16_t e={0x80,0x80,0x80,0x80,0x80,0x80,0x80,0x80,
 	                    0xa0,0xa0,0xa0,0xa0,0xa0,0xa0,0xa0,0xa0};
 	const poly128_t r1 = vmull_p64(a, b);
 	const poly128_t r2 = vmull_high_p64(d, d);
 	return 0;
 }
--- a/TestPrograms/test_arm_sha1.cxx
+++ b/TestPrograms/test_arm_sha1.cxx
@ -0,0 +1,18 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	uint32x4_t y = {0};
 	y=vsha1cq_u32(y,0,y);
 	y=vsha1mq_u32(y,1,y);
 	y=vsha1pq_u32(y,2,y);
 	return 0;
 }
--- a/TestPrograms/test_arm_sha256.cxx
+++ b/TestPrograms/test_arm_sha256.cxx
@ -0,0 +1,18 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	uint32x4_t y = {0};
 	y=vsha256hq_u32(y, y, y);
 	y=vsha256h2q_u32(y, y, y);
 	y=vsha256su1q_u32(y, y, y);
 	return 0;
 }
--- a/TestPrograms/test_arm_sha3.cxx
+++ b/TestPrograms/test_arm_sha3.cxx
@ -0,0 +1,29 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	// SM4 block cipher
 	uint32x4_t x;
 	x=vsm4ekeyq_u32(x,x);
 	x=vsm4eq_u32(x,x);
 	// SM3 hash
 	uint32x4_t y;
 	y=vsm3ss1q_u32(x,y,y);
 	y=vsm3tt1aq_u32(x,y,y,3);
 	y=vsm3tt1bq_u32(x,y,y,1);
 	y=vsm3tt2aq_u32(x,y,y,2);
 	y=vsm3tt2bq_u32(x,y,y,3);
 	y=vsm3partw1q_u32(x,y,y);
 	y=vsm3partw2q_u32(x,y,y);
 	return 0;
 }
--- a/TestPrograms/test_arm_sha512.cxx
+++ b/TestPrograms/test_arm_sha512.cxx
@ -0,0 +1,29 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	// SM4 block cipher
 	uint32x4_t x;
 	x=vsm4ekeyq_u32(x,x);
 	x=vsm4eq_u32(x,x);
 	// SM3 hash
 	uint32x4_t y;
 	y=vsm3ss1q_u32(x,y,y);
 	y=vsm3tt1aq_u32(x,y,y,3);
 	y=vsm3tt1bq_u32(x,y,y,1);
 	y=vsm3tt2aq_u32(x,y,y,2);
 	y=vsm3tt2bq_u32(x,y,y,3);
 	y=vsm3partw1q_u32(x,y,y);
 	y=vsm3partw2q_u32(x,y,y);
 	return 0;
 }
--- a/TestPrograms/test_arm_sm3.cxx
+++ b/TestPrograms/test_arm_sm3.cxx
@ -0,0 +1,23 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	// SM3 hash
 	uint32x4_t y;
 	y=vsm3ss1q_u32(x,y,y);
 	y=vsm3tt1aq_u32(x,y,y,3);
 	y=vsm3tt1bq_u32(x,y,y,1);
 	y=vsm3tt2aq_u32(x,y,y,2);
 	y=vsm3tt2bq_u32(x,y,y,3);
 	y=vsm3partw1q_u32(x,y,y);
 	y=vsm3partw2q_u32(x,y,y);
 	return 0;
 }
--- a/TestPrograms/test_arm_sm4.cxx
+++ b/TestPrograms/test_arm_sm4.cxx
@ -0,0 +1,18 @@
 #include <arm_neon.h>
 #include <stdint.h>
 // test_acle.h determines if this is available. Then,
 // -DCRYPTOPP_ARM_ACLE_AVAILABLE=0 is added to CXXFLAGS
 // if the ACLE header is not available.
 #if (CRYPTOPP_ARM_ACLE_AVAILABLE)
 #  include <arm_acle.h>
 #endif
 int main(int argc, char* argv[])
 {
 	// SM4 block cipher
 	uint32x4_t x;
 	x=vsm4ekeyq_u32(x,x);
 	x=vsm4eq_u32(x,x);
 	return 0;
 }
--- a/TestPrograms/test_cxx.cxx
+++ b/TestPrograms/test_cxx.cxx
@ -0,0 +1,6 @@
 #include <string>
 int main(int argc, char* argv[])
 {
 	unsigned int x=0;
 	return x;
 }
--- a/TestPrograms/test_mixed_asm.cxx
+++ b/TestPrograms/test_mixed_asm.cxx
@ -0,0 +1,31 @@
 // Most Clang cannot handle mixed asm with positional arguments, where the
 // body is Intel style with no prefix and the templates are AT&T style.
 // Also see https://bugs.llvm.org/show_bug.cgi?id=39895 .
 #include <cstddef>
 int main(int argc, char* argv[])
 {
 	size_t ret = 1, N = 1;
 	asm __volatile__
 	(
 #if defined(__amd64__) || defined(__x86_64__)
 		".intel_syntax   noprefix ;\n"
 		"xor rsi, rsi    ;\n"
 		"neg %1          ;\n"
 		"inc %1          ;\n"
 		"push %1         ;\n"
 		"pop rax         ;\n"
 		".att_syntax     prefix ;\n"
 		: "=a" (ret) : "c" (N) : "%rsi"
 #else
 		".intel_syntax   noprefix ;\n"
 		"xor esi, esi    ;\n"
 		"neg %1          ;\n"
 		"inc %1          ;\n"
 		"push %1         ;\n"
 		"pop eax         ;\n"
 		".att_syntax     prefix ;\n"
 		: "=a" (ret) : "c" (N) : "%esi"
 #endif
 	);
 	return (int)ret;
 }
--- a/TestPrograms/test_newlib.cxx
+++ b/TestPrograms/test_newlib.cxx
@ -0,0 +1,8 @@
 #include <string>
 int main(int argc, char* argv[])
 {
 #ifndef __NEWLIB__
 	XXX
 #endif
 	return 0;
 }
--- a/TestPrograms/test_ppc_aes.cxx
+++ b/TestPrograms/test_ppc_aes.cxx
@ -0,0 +1,26 @@
 #include <altivec.h>
 int main(int argc, char* argv[])
 {
 #if defined(__ibmxl__) || (defined(_AIX) && defined(__xlC__))
 	__vector unsigned char x = {1,2,3,4,5,6,7,8};
 	x=__vcipher(x,x);
 	x=__vcipherlast(x,x);
 	x=__vncipher(x,x);
 	x=__vncipherlast(x,x);
 #elif defined(__clang__)
 	__vector unsigned long long x = {1,2};
 	x=__builtin_altivec_crypto_vcipher(x,x);
 	x=__builtin_altivec_crypto_vcipherlast(x,x);
 	x=__builtin_altivec_crypto_vncipher(x,x);
 	x=__builtin_altivec_crypto_vncipherlast(x,x);
 #elif defined(__GNUC__)
 	__vector unsigned long long x = {1,2};
 	x=__builtin_crypto_vcipher(x,x);
 	x=__builtin_crypto_vcipherlast(x,x);
 	x=__builtin_crypto_vncipher(x,x);
 	x=__builtin_crypto_vncipherlast(x,x);
 #else
 	int XXX[-1];
 #endif
 	return 0;
 }
--- a/TestPrograms/test_ppc_altivec.cxx
+++ b/TestPrograms/test_ppc_altivec.cxx
@ -0,0 +1,8 @@
 #include <altivec.h>
 int main(int argc, char* argv[])
 {
 	__vector unsigned char x;
 	x=vec_ld(0, (unsigned char*)argv[0]);
 	x=vec_add(x,x);
 	return 0;
 }
--- a/TestPrograms/test_ppc_power7.cxx
+++ b/TestPrograms/test_ppc_power7.cxx
@ -0,0 +1,41 @@
 #include <altivec.h>
 // This follows ppc_simd.h. XLC compilers for POWER7 use vec_xlw4 and
 // vec_xstw4. Some XLC compilers for POWER7 and above use vec_xl and
 // vec_xst. The way to tell the difference is, XLC compilers version
 // 13.0 and earlier use use vec_xlw4 and vec_xstw4 XLC compilers 13.1
 // and later are use vec_xl and vec_xst. The open question is, how to
 // handle early Clang compilers for POWER7. We know the latest Clang
 // compilers support vec_xl and vec_xst. Also see
 // https://www-01.ibm.com/support/docview.wss?uid=swg21683541
 #if defined(__xlc__) && (__xlc__ < 0x0d01)
 # define __early_xlc__ 1
 #endif
 #if defined(__xlC__) && (__xlC__ < 0x0d01)
 # define __early_xlC__ 1
 #endif
 int main(int argc, char* argv[])
 {
 	__vector unsigned char x;
 	unsigned char res[16];
 #if defined(_ARCH_PWR7) && (defined(__early_xlc__) || defined(__early_xlC__))
    x=vec_xlw4(0, (unsigned char*)argv[0]);
 	x=vec_add(x,x);
 	vec_xstw4(x, 0, res);
 #elif defined(_ARCH_PWR7) && (defined(__xlc__) || defined(__xlC__) || defined(__clang__))
 	x=vec_xl(0, (unsigned char*)argv[0]);
 	x=vec_add(x,x);
 	vec_xst(x, 0, res);
 #elif defined(_ARCH_PWR7) && defined(__GNUC__)
 	x=vec_vsx_ld(0, (unsigned char*)argv[0]);
 	x=vec_add(x,x);
 	vec_vsx_st(x, 0, res);
 #else
 	int XXX[-1];
 #endif
 	return 0;
 }
--- a/TestPrograms/test_ppc_power8.cxx
+++ b/TestPrograms/test_ppc_power8.cxx
@ -0,0 +1,7 @@
 #include <altivec.h>
 int main(int argc, char* argv[])
 {
 	__vector unsigned long long z = {1, 2};
 	z=vec_add(z,z);
 	return 0;
 }
--- a/TestPrograms/test_ppc_power9.cxx
+++ b/TestPrograms/test_ppc_power9.cxx
@ -0,0 +1,36 @@
 // The problem we have here is, it appears only GCC 7.0 and above
 // support Power9 builtins. Clang 7.0 has support for some (all?)
 // assembly instructions but we don't see builtin support. We can't
 // determine the state of XLC. Searching IBM's website for
 // terms like 'darn' 'random number' is returning irrelevant hits.
 // Searching with Google from the outside returns 0 hits.
 //
 // The support disconnect means we may report Power9 as unavailable
 // and support DARN at the same time. We get into that state because
 // we use inline asm to detect DARN availablity in the compiler.
 // Also see cpu.cpp and the two query functions; and ppc_power9.cpp
 // and the two probe functions.
 #include <altivec.h>
 int main(int argc, char* argv[])
 {
 #if 0
 	const unsigned char b = (unsigned char)argc;
 	const unsigned int r = (0xf << 24) | (0x3 << 16) | (0xf << 8) | (0x3 << 0);
 #if defined(__clang__)
 	bool x = __builtin_altivec_byte_in_range(b, r);
 #elif defined(__GNUC__)
 	bool x = __builtin_byte_in_range(b, r);
 #else
 	int XXX[-1];
 #endif
 #endif
 #if defined(__GNUC__) || defined(__IBM_GCC_ASM)
 	unsigned int y = __builtin_darn_32();
 #else
 	int XXX[-1];
 #endif
 	return 0;
 }
--- a/TestPrograms/test_ppc_sha.cxx
+++ b/TestPrograms/test_ppc_sha.cxx
@ -0,0 +1,23 @@
 #include <altivec.h>
 int main(int argc, char* argv[])
 {
 #if defined(__ibmxl__) || (defined(_AIX) && defined(__xlC__))
 	__vector unsigned int x = {1,2,3,4};
    x=__vshasigmaw(x, 0, 0);
 	__vector unsigned long long y = {1,2};
    y=__vshasigmad(y, 0, 0);
 #elif defined(__clang__)
 	__vector unsigned int x = {1,2,3,4};
    x=__builtin_altivec_crypto_vshasigmaw(x, 0, 0);
 	__vector unsigned long long y = {1,2};
    y=__builtin_altivec_crypto_vshasigmad(y, 0, 0);
 #elif defined(__GNUC__)
 	__vector unsigned int x = {1,2,3,4};
    x=__builtin_crypto_vshasigmaw(x, 0, 0);
 	__vector unsigned long long y = {1,2};
    y=__builtin_crypto_vshasigmad(y, 0, 0);
 #else
    int XXX[-1];
 #endif
 	return 0;
 }
--- a/TestPrograms/test_ppc_vmull.cxx
+++ b/TestPrograms/test_ppc_vmull.cxx
@ -0,0 +1,17 @@
 #include <altivec.h>
 int main(int argc, char* argv[])
 {
 	__vector unsigned long long x = {1,2};
 	__vector unsigned long long y = {3,4};
 #if defined(__ibmxl__) || (defined(_AIX) && defined(__xlC__))
 	__vector unsigned long long z=__vpmsumd(x,y);
 #elif defined(__clang__)
 	__vector unsigned long long z=__builtin_altivec_crypto_vpmsumd(x,y);
 #elif defined(__GNUC__)
 	__vector unsigned long long z=__builtin_crypto_vpmsumd(x,y);
 #else
 	int XXX[-1];
 #endif
 	return 0;
 }
--- a/TestPrograms/test_pthreads.cxx
+++ b/TestPrograms/test_pthreads.cxx
@ -0,0 +1,15 @@
 #include <string>
 #include <pthread.h>
 void* function(void *ptr)
 {
 	return 0;
 }
 int main(int argc, char* argv[])
 {
 	pthread_t thread;
 	int ret = pthread_create(&thread, NULL, function, (void*)0);
 	pthread_join(thread, NULL);
 	return 0;
 }
--- a/TestPrograms/test_x86_aes.cxx
+++ b/TestPrograms/test_x86_aes.cxx
@ -0,0 +1,11 @@
 #include <emmintrin.h>
 #include <wmmintrin.h>
 int main(int argc, char* argv[])
 {
 	__m128i x = _mm_setzero_si128();
 	x=_mm_aesenc_si128(x,x);
 	x=_mm_aesenclast_si128(x,x);
 	x=_mm_aesdec_si128(x,x);
 	x=_mm_aesdeclast_si128(x,x);
 	return 0;
 }
--- a/TestPrograms/test_x86_avx.cxx
+++ b/TestPrograms/test_x86_avx.cxx
@ -0,0 +1,7 @@
 #include <immintrin.h>
 int main(int argc, char* argv[])
 {
 	__m256d x = _mm256_setzero_pd();
 	x=_mm256_addsub_pd(x,x);
 	return 0;
 }
--- a/TestPrograms/test_x86_avx2.cxx
+++ b/TestPrograms/test_x86_avx2.cxx
@ -0,0 +1,9 @@
 #include <immintrin.h>
 int main(int argc, char* argv[])
 {
 	// _mm256_broadcastsi128_si256 due to Clang
 	__m128i x = _mm_setzero_si128 ();
 	__m256i y = _mm256_broadcastsi128_si256 (x);
 	y = _mm256_add_epi64 (y,y);
 	return 0;
 }
--- a/TestPrograms/test_x86_avx512.cxx
+++ b/TestPrograms/test_x86_avx512.cxx
@ -0,0 +1,8 @@
 #include <stdint.h>
 #include <immintrin.h>
 int main(int argc, char* argv[])
 {
    uint64_t x[8] = {0};
    __m512i y = _mm512_loadu_si512((__m512i*)x);
    return 0;
 }
--- a/TestPrograms/test_x86_clmul.cxx
+++ b/TestPrograms/test_x86_clmul.cxx
@ -0,0 +1,8 @@
 #include <emmintrin.h>
 #include <wmmintrin.h>
 int main(int argc, char* argv[])
 {
 	__m128i x = _mm_setzero_si128();
 	x=_mm_clmulepi64_si128(x,x,0x11);
 	return 0;
 }
--- a/TestPrograms/test_x86_cpuid.cxx
+++ b/TestPrograms/test_x86_cpuid.cxx
@ -0,0 +1,7 @@
 int main(int argc, char* argv[])
 {
 	unsigned int a, b, c, d;
 	asm volatile ( "cpuid" : "+a"(a), "=b"(b), "+c"(c), "=d"(d) );
 	return 0;
 }
--- a/TestPrograms/test_x86_rdrand.cxx
+++ b/TestPrograms/test_x86_rdrand.cxx
@ -0,0 +1,7 @@
 #include <immintrin.h>
 int main(int argc, char* argv[])
 {
    unsigned int x=0;
    (void)_rdrand32_step (&x);
    return x == 0 ? 0 : 0;
 }
--- a/TestPrograms/test_x86_rdseed.cxx
+++ b/TestPrograms/test_x86_rdseed.cxx
@ -0,0 +1,7 @@
 #include <immintrin.h>
 int main(int argc, char* argv[])
 {
    unsigned int x=0;
    (void)_rdseed32_step (&x);
    return x == 0 ? 0 : 0;
 }
--- a/TestPrograms/test_x86_sha.cxx
+++ b/TestPrograms/test_x86_sha.cxx
@ -0,0 +1,14 @@
 #include <emmintrin.h>
 #include <immintrin.h>
 int main(int argc, char* argv[])
 {
 	__m128i x = _mm_setzero_si128();
 	x=_mm_sha1msg1_epu32(x,x);
 	x=_mm_sha1msg2_epu32(x,x);
 	x=_mm_sha1nexte_epu32(x,x);
 	x=_mm_sha1rnds4_epu32(x,x,0);
 	x=_mm_sha256msg1_epu32(x,x);
 	x=_mm_sha256msg2_epu32(x,x);
 	x=_mm_sha256rnds2_epu32(x,x,x);
 	return 0;
 }
--- a/TestPrograms/test_x86_sse2.cxx
+++ b/TestPrograms/test_x86_sse2.cxx
@ -0,0 +1,7 @@
 #include <emmintrin.h>
 int main(int argc, char* argv[])
 {
 	__m128i x = _mm_setzero_si128();
 	x=_mm_add_epi64(x,x);
 	return 0;
 }
--- a/TestPrograms/test_x86_sse3.cxx
+++ b/TestPrograms/test_x86_sse3.cxx
@ -0,0 +1,8 @@
 #include <emmintrin.h>
 #include <pmmintrin.h>
 int main(int argc, char* argv[])
 {
 	__m128d x = _mm_setzero_pd();
 	x=_mm_addsub_pd(x,x);
 	return 0;
 }
--- a/TestPrograms/test_x86_sse41.cxx
+++ b/TestPrograms/test_x86_sse41.cxx
@ -0,0 +1,10 @@
 #include <emmintrin.h>
 #include <smmintrin.h>
 int main(int argc, char* argv[])
 {
 	__m128i x = _mm_setzero_si128();
 	__m128i a = _mm_setzero_si128();
 	__m128i b = _mm_setzero_si128();
 	x=_mm_blend_epi16(a,b,4);
 	return 0;
 }
--- a/TestPrograms/test_x86_sse42.cxx
+++ b/TestPrograms/test_x86_sse42.cxx
@ -0,0 +1,7 @@
 #include <nmmintrin.h>
 int main(int argc, char* argv[])
 {
 	unsigned int x=32;
 	x=_mm_crc32_u8(x,4);
 	return 0;
 }
--- a/TestPrograms/test_x86_ssse3.cxx
+++ b/TestPrograms/test_x86_ssse3.cxx
@ -0,0 +1,8 @@
 #include <emmintrin.h>
 #include <tmmintrin.h>
 int main(int argc, char* argv[])
 {
 	__m128i x = _mm_setzero_si128();
 	x=_mm_alignr_epi8(x,x,2);
 	return 0;
 }
--- a/TestScripts/change-version.sh
+++ b/TestScripts/change-version.sh
@ -0,0 +1,17 @@
 #!/usr/bin/env bash
 # Use this script to switch back to the previous Crypto++ version before
 # building the docs. Before running the script, copy it to the root
 # directory. After running this script, you can 'make docs'
 sed 's|Library 8.3 API|Library 8.2 API|g' cryptlib.h > cryptlib.h.new
 mv cryptlib.h.new cryptlib.h
 sed 's|= 8.3|= 8.2|g' Doxyfile > Doxyfile.new
 mv Doxyfile.new Doxyfile
 sed 's|CRYPTOPP_MINOR 3|CRYPTOPP_MINOR 2|g' config_ver.h > config_ver.h.new
 mv config_ver.h.new config_ver.h
 sed 's|CRYPTOPP_VERSION 830|CRYPTOPP_VERSION 820|g' config_ver.h > config_ver.h.new
 mv config_ver.h.new config_ver.h
--- a/TestScripts/coverity-linux.txt
+++ b/TestScripts/coverity-linux.txt
@ -14,16 +14,14 @@ make distclean &>/dev/null
 # Usually we test with these flags
 # CXXFLAGS="-DNDEBUG -g3 -O2"
-
+cov-build --dir cov-int make -j 2
 # Testing for Issue 302 (http://github.com/weidai11/cryptopp/issues/302)
 CXXFLAGS="-DNDEBUG -g2 -O3 -march=i686 -msse -msse2 -msse3 -mssse3 -mno-aes" cov-build --dir cov-int make -j 2
 tar czvf cryptopp.tgz cov-int
 CRYPTOPP_COVERITY_TOKEN=XXXXXXXXXXXXXXXX
 COVERITY_SCAN_NAME="Rijndael-AliasedTable-SSE2-Linux-i686"
-curl
+curl \
  --form token="$CRYPTOPP_COVERITY_TOKEN" \
  --form email=webmaster@cryptopp.com \
  --form file=@cryptopp.tgz \
--- a/TestScripts/cryptest-android.sh
+++ b/TestScripts/cryptest-android.sh
@ -9,36 +9,67 @@
 #
 # See http://www.cryptopp.com/wiki/Android_(Command_Line) for more details
 # ====================================================================
 set +e
 if [ -z $(command -v ./setenv-android-gcc.sh) ]; then
 	echo "Failed to locate setenv-android-gcc.sh"
 	ls -Al *.sh
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 if [ -z "${PLATFORM-}" ]; then
 	PLATFORMS=(armeabi armeabi-v7a armv7a-neon aarch64 mipsel mipsel64 x86 x86_64)
 else
 	PLATFORMS=(${PLATFORM})
 fi
 RUNTIMES=(gnu-static gnu-shared stlport-static stlport-shared) #llvm-static llvm-shared
 PLATFORMS=(armeabi armeabi-v7a armeabi-v7a-hard armv7a-neon aarch64 mipsel x86 x86_64)
 RUNTIMES=(stlport-static stlport-shared gabi++-static gabi++-shared)
 for platform in ${PLATFORMS[@]}
 do
 	for runtime in ${RUNTIMES[@]}
 	do
 		make -f GNUmakefile-cross distclean > /dev/null 2>&1
 		MESSAGE="Testing for Android support of $platform using $runtime"
 		LEN=${#MESSAGE}
 		HEADER=$(seq  -f "*" -s '' $LEN)
 		echo
-		echo "$HEADER"
+		echo "===================================================================="
-		echo "$MESSAGE"
+		echo "Testing for Android support of $platform using $runtime"
 		# Test if we can set the environment for the platform
-		./setenv-android.sh "$platform" "$runtime" > /dev/null 2>&1
+		./setenv-android-gcc.sh "$platform" "$runtime"
 		if [ "$?" -ne "0" ];
 		then
 			echo
 			echo "There were problems testing $platform with $runtime"
 			echo "$platform:$runtime ==> FAILURE" >> /tmp/build.log
 			touch /tmp/build.failed
 			continue
 		fi
 		if [ "$?" -eq "0" ]; then
 		echo
 		echo "Building for $platform using $runtime..."
 		echo
-			. ./setenv-android.sh "$platform" "$runtime"
+		# run in subshell to not keep any env vars
 		(
 			source ./setenv-android-gcc.sh "$platform" "$runtime" > /dev/null 2>&1
 			make -f GNUmakefile-cross static dynamic cryptest.exe
 			if [ "$?" -eq "0" ]; then
 				echo "$platform:$runtime ==> SUCCESS" >> /tmp/build.log
 			else
-			echo
+				echo "$platform:$runtime ==> FAILURE" >> /tmp/build.log
-			echo "$platform not supported by Android"
+				touch /tmp/build.failed
 			fi
 		)
 	done
 done
 cat /tmp/build.log
 # let the script fail if any of the builds failed
 if [ -f /tmp/build.failed ]; then
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 0 || return 0
--- a/TestScripts/cryptest-autotools.sh
+++ b/TestScripts/cryptest-autotools.sh
@ -0,0 +1,173 @@
 #!/usr/bin/env bash
 PWD_DIR=$(pwd)
 function cleanup {
 	cd "$PWD_DIR"
 }
 trap cleanup EXIT
 #############################################################################
 GREP=grep
 SED=sed
 AWK=awk
 MAKE=make
 # Fixup, Solaris and friends
 if [[ (-d /usr/xpg4/bin) ]]; then
 	SED=/usr/xpg4/bin/sed
 	AWK=/usr/xpg4/bin/awk
 	GREP=/usr/xpg4/bin/grep
 elif [[ (-d /usr/bin/posix) ]]; then
 	SED=/usr/bin/posix/sed
 	AWK=/usr/bin/posix/awk
 	GREP=/usr/bin/posix/grep
 fi
 # Fixup for sed and "illegal byte sequence"
 IS_DARWIN=$(uname -s | "$GREP" -i -c darwin)
 if [[ "$IS_DARWIN" -ne 0 ]]; then
 	export LC_ALL=C
 fi
 # Fixup for Solaris and BSDs
 if [[ ! -z $(command -v gmake) ]]; then
 	MAKE=gmake
 else
 	MAKE=make
 fi
 # Fixup for missing libtool
 if [[ ! -z $(command -v libtoolize) ]]; then
 	LIBTOOLIZE=$(command -v libtoolize)
 elif [[ ! -z $(command -v glibtoolize) ]]; then
 	LIBTOOLIZE=$(command -v glibtoolize)
 elif [[ ! -z $(command -v libtool) ]]; then
 	LIBTOOLIZE=$(command -v libtool)
 elif [[ ! -z $(command -v glibtool) ]]; then
 	LIBTOOLIZE=$(command -v glibtool)
 fi
 #############################################################################
 echo "Downloading configure.ac"
 if ! wget -O configure.ac -q --no-check-certificate 'https://raw.githubusercontent.com/noloader/cryptopp-autotools/master/configure.ac'; then
 	echo "configure.ac download failed"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 echo "Downloading Makefile.am"
 if ! wget -O Makefile.am -q --no-check-certificate 'https://raw.githubusercontent.com/noloader/cryptopp-autotools/master/Makefile.am'; then
 	echo "Makefile.am download failed"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 echo "Downloading libcryptopp.pc.in"
 if ! wget -O libcryptopp.pc.in -q --no-check-certificate 'https://raw.githubusercontent.com/noloader/cryptopp-autotools/master/libcryptopp.pc.in'; then
 	echo "libcryptopp.pc.in download failed"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 mkdir -p m4/
 #############################################################################
 if [[ -z $(command -v autoupdate) ]]; then
 	echo "Cannot find autoupdate. Things may fail."
 fi
 if [[ -z "$LIBTOOLIZE" ]]; then
 	echo "Cannot find libtoolize. Things may fail."
 fi
 if [[ -z $(command -v automake) ]]; then
 	echo "Cannot find automake. Things may fail."
 fi
 if [[ -z $(command -v autoreconf) ]]; then
 	echo "Cannot find autoreconf. Things may fail."
 fi
 echo "Running autoupdate"
 if ! autoupdate &>/dev/null; then
 	echo "autoupdate failed."
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 echo "Running libtoolize"
 if ! "$LIBTOOLIZE" --force --install &>/dev/null; then
 	echo "libtoolize failed... skipping."
 	# [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 # Run autoreconf twice on failure. Also see
 # https://github.com/tracebox/tracebox/issues/57
 echo "Running autoreconf"
 if ! autoreconf --force --install &>/dev/null; then
 	echo "autoreconf failed, running again."
 	if ! autoreconf --force --install; then
 		echo "autoreconf failed, again."
 		[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 	fi
 fi
 #############################################################################
 # Update config.sub config.guess. GNU recommends using the latest for all projects.
 echo "Updating config.sub"
 wget -O config.sub.new -q --no-check-certificate 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub'
 # Solaris removes +w, can't overwrite
 chmod +w config.sub
 mv config.sub.new config.sub
 chmod +x config.sub
 if [[ "$IS_DARWIN" -ne 0 ]] && [[ -n $(command -v xattr) ]]; then
 	echo "Removing config.sub quarantine"
 	xattr -d "com.apple.quarantine" config.sub &>/dev/null
 fi
 echo "Updating config.guess"
 wget -O config.guess.new -q --no-check-certificate 'https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess'
 # Solaris removes +w, can't overwrite
 chmod +w config.guess
 mv config.guess.new config.guess
 chmod +x config.guess
 if [[ "$IS_DARWIN" -ne 0 ]] && [[ -n $(command -v xattr) ]]; then
 	echo "Removing config.guess quarantine"
 	xattr -d "com.apple.quarantine" config.guess &>/dev/null
 fi
 #############################################################################
 echo "Running configure"
 echo ""
 if ! ./configure; then
 	echo "configure failed."
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 "$MAKE" clean 2>/dev/null
 #############################################################################
 if ! "$MAKE" -j2 -f Makefile; then
 	echo "make failed."
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 if ! ./cryptest v; then
 	echo "cryptest v failed."
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 if ! ./cryptest tv all; then
 	echo "cryptest tv all failed."
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 # Return success
 [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 0 || return 0
--- a/TestScripts/cryptest-cmake.sh
+++ b/TestScripts/cryptest-cmake.sh
@ -0,0 +1,73 @@
 #!/usr/bin/env bash
 PWD_DIR=$(pwd)
 function cleanup {
    cd "$PWD_DIR"
 }
 trap cleanup EXIT
 # Fixup ancient Bash
 # https://unix.stackexchange.com/q/468579/56041
 if [[ -z "$BASH_SOURCE" ]]; then
 	BASH_SOURCE="$0"
 fi
 # Fixup for Solaris and BSDs
 if [[ ! -z $(command -v gmake) ]]; then
 	MAKE=gmake
 else
 	MAKE=make
 fi
 # Fixup for AIX
 if [[ -z "$CMAKE" ]]; then
 	CMAKE=cmake
 fi
 # Feth the three required files
 if ! wget --no-check-certificate https://raw.githubusercontent.com/noloader/cryptopp-cmake/master/CMakeLists.txt -O CMakeLists.txt; then
 	echo "CMakeLists.txt download failed"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 if ! wget --no-check-certificate https://github.com/noloader/cryptopp-cmake/blob/master/cryptopp-config.cmake -O cryptopp-config.cmake; then
 	echo "cryptopp-config.cmake download failed"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 rm -rf "$PWD_DIR/cmake_build"
 mkdir -p "$PWD_DIR/cmake_build"
 cd "$PWD_DIR/cmake_build"
 if [[ ! -z "$CXX" ]];
 then
 	if ! CXX="$CXX" "$CMAKE" -DCMAKE_CXX_COMPILER="$CXX" ../; then
 		echo "cmake failed"
 		[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 	fi
 else
 	if ! "$CMAKE" ../; then
 		echo "cmake failed"
 		[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 	fi
 fi
 "$MAKE" clean 2>/dev/null
 if ! "$MAKE" -j2 -f Makefile VERBOSE=1; then
 	echo "make failed"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 if ! ./cryptest.exe v; then
 	echo "cryptest.exe v failed"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 if ! ./cryptest.exe tv all; then
 	echo "cryptest.exe v failed"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 # Return success
 [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 0 || return 0
--- a/TestScripts/cryptest-coverity.cpp
+++ b/TestScripts/cryptest-coverity.cpp
@ -1,6 +1,5 @@
 // cryptest-coverity.cpp - Coverity modeling file.
 //                         Written and placed in public domain by Jeffrey Walton and Uri Blumenthal.
 //                         Copyright assigned to Crypto++ project.
 //
 // For more information see http://cryptopp.com/wiki/Coverity_Scan.
 //
--- a/TestScripts/cryptest-ios.sh
+++ b/TestScripts/cryptest-ios.sh
@ -10,31 +10,61 @@
 # See http://www.cryptopp.com/wiki/iOS_(Command_Line) for more details
 # ====================================================================
-PLATFORMS=(iPhoneOS iPhoneSimulator WatchOS WatchSimulator AppleTVOS AppleTVSimulator)
+if [ -z $(command -v ./setenv-ios.sh) ]; then
 	echo "Failed to locate setenv-ios.sh"
 	ls -Al *.sh
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 if [ -z "${PLATFORM-}" ]; then
 	PLATFORMS=(iPhoneOS iPhoneSimulator Arm64 WatchOS WatchSimulator AppleTVOS AppleTVSimulator)
 else
 	PLATFORMS=(${PLATFORM})
 fi
 for platform in ${PLATFORMS[@]}
 do
 	make -f GNUmakefile-cross distclean > /dev/null 2>&1
 	MESSAGE="Testing for Xcode support of $platform"
 	LEN=${#MESSAGE}
 	HEADER=$(seq  -f "*" -s '' $LEN)
 	echo
-	echo "$HEADER"
+	echo "====================================================="
-	echo "$MESSAGE"
+	echo "Testing for iOS support of $platform"
 	# Test if we can set the environment for the platform
-	./setenv-ios.sh "$platform" > /dev/null 2>&1
+	./setenv-ios.sh "$platform"
-	if [ "$?" -eq "0" ]; then
+	if [ "$?" -ne "0" ];
-		echo
+	then
 		echo "Building for $platform..."
 		echo
 		. ./setenv-ios.sh "$platform"
 		make -f GNUmakefile-cross static dynamic cryptest.exe
 	else
 		echo
 		echo "$platform not supported by Xcode"
 		echo "$platform ==> FAILURE" >> /tmp/build.log
 		touch /tmp/build.failed
 		continue
 	fi
 	echo
 	echo "Building for $platform using $runtime..."
 	echo
 	# run in subshell to not keep any env vars
 	(
 		source ./setenv-ios.sh "$platform" > /dev/null 2>&1
 		make -f GNUmakefile-cross static dynamic cryptest.exe
 		if [ "$?" -eq "0" ]; then
 			echo "$platform ==> SUCCESS" >> /tmp/build.log
 		else
 			echo "$platform ==> FAILURE" >> /tmp/build.log
 			touch /tmp/build.failed
 		fi
 	)
 done
 cat /tmp/build.log
 # let the script fail if any of the builds failed
 if [ -f /tmp/build.failed ]; then
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 0 || return 0
--- a/TestScripts/cryptest-symbols.sh
+++ b/TestScripts/cryptest-symbols.sh
@ -0,0 +1,328 @@
 #!/usr/bin/env bash
 # cryptest.sh - written and placed in public domain by Jeffrey Walton and Uri
 #               Blumenthal.
 # This is a test script that can be used on some Linux/Unix/Apple machines to
 # automate testing of the shared object to ensure linking and symbols don't go
 # missing from release to release.
 # Fixup ancient Bash
 # https://unix.stackexchange.com/q/468579/56041
 if [[ -z "$BASH_SOURCE" ]]; then
 	BASH_SOURCE="$0"
 fi
 ############################################
 # Cleanup
 PWD_DIR=$(pwd)
 function cleanup {
    rm -f adhoc.cpp *.a *.o *.so *.dylib
    cd "$PWD_DIR"
 }
 trap cleanup EXIT
 ############################################
 # Tags to test
 OLD_VERSION_TAG=CRYPTOPP_8_2_0
 NEW_VERSION_TAG=master
 ############################################
 # If local repo is dirty, then promt first
 DIRTY=$(git diff --shortstat 2> /dev/null | tail -1)
 if [[ ! (-z "$DIRTY") ]]; then
 	echo
 	echo "The local repo is dirty. Continuing will reset the repo and lose changes."
 	read -p "Type 'Y' to proceed or 'N' to exit. Proceed? " -n 1 -r
 	echo # (optional) move to a new line
 	if [[ !($REPLY =~ ^[Yy]$) ]]; then
 		exit 0
 	fi
 else
 	echo
 	echo "The local repo is clean. Proceeding..."
 fi
 ############################################
 echo
 echo "****************************************************************"
 echo "Testing '$NEW_VERSION_TAG' against '$OLD_VERSION_TAG'"
 echo "****************************************************************"
 ############################################
 # Setup tools and platforms
 GREP=grep
 EGREP=egrep
 SED=sed
 AWK=awk
 CXXFILT=c++filt
 THIS_SYSTEM=$(uname -s 2>&1)
 IS_DARWIN=$(echo -n "$THIS_SYSTEM" | "$GREP" -i -c darwin)
 IS_LINUX=$(echo -n "$THIS_SYSTEM" | "$GREP" -i -c linux)
 IS_CYGWIN=$(echo -n "$THIS_SYSTEM" | "$GREP" -i -c cygwin)
 IS_MINGW=$(echo -n "$THIS_SYSTEM" | "$GREP" -i -c mingw)
 IS_OPENBSD=$(echo -n "$THIS_SYSTEM" | "$GREP" -i -c openbsd)
 IS_FREEBSD=$(echo -n "$THIS_SYSTEM" | "$GREP" -i -c freebsd)
 IS_NETBSD=$(echo -n "$THIS_SYSTEM" | "$GREP" -i -c netbsd)
 IS_SOLARIS=$(echo -n "$THIS_SYSTEM" | "$GREP" -i -c sunos)
 THIS_MACHINE=$(uname -m 2>&1)
 IS_X86=$(echo -n "$THIS_MACHINE" | "$EGREP" -i -c "(i386|i486|i586|i686)")
 IS_X64=$(echo -n "$THIS_MACHINE" | "$EGREP" -i -c "(amd64|x86_64)")
 IS_PPC=$(echo -n "$THIS_MACHINE" | "$EGREP" -i -c "(Power|PPC)")
 IS_ARM32=$(echo -n "$THIS_MACHINE" | "$GREP" -v "64" | "$EGREP" -i -c "(arm|aarch32)")
 IS_ARM64=$(echo -n "$THIS_MACHINE" | "$EGREP" -i -c "(arm64|aarch64)")
 IS_S390=$(echo -n "$THIS_MACHINE" | "$EGREP" -i -c "s390")
 IS_X32=0
 # Fixup
 if [[ "$IS_SOLARIS" -ne "0" ]]; then
 	IS_X64=$(isainfo 2>/dev/null | "$GREP" -i -c "amd64")
 	if [[ "$IS_X64" -ne "0" ]]; then
 		IS_X86=0
 	fi
 	# Need something more powerful than the Posix versions
 	if [[ (-e "/usr/gnu/bin/grep") ]]; then
 		GREP=/usr/gnu/bin/grep
 	fi
 	if [[ (-e "/usr/gnu/bin/egrep") ]]; then
 		EGREP=/usr/gnu/bin/egrep
 	fi
 	if [[ (-e "/usr/gnu/bin/sed") ]]; then
 		SED=/usr/gnu/bin/sed
 	fi
 	if [[ (-e "/usr/gnu/bin/c++filt") ]]; then
 		CXXFILT=/usr/gnu/bin/c++filt
 	fi
 	if [[ (-e "/usr/gnu/bin/awk") ]]; then
 		AWK=/usr/gnu/bin/awk
 	else
 		AWK=nawk;
 	fi
 fi
 if [[ "$IS_DARWIN" -ne "0" ]]; then
 	SED_OPTS=(-i '')
 else
 	SED_OPTS=(-i)
 fi
 # Fixup
 if [[ ("$IS_FREEBSD" -ne "0" || "$IS_OPENBSD" -ne "0" || "$IS_NETBSD" -ne "0") ]]; then
 	MAKE=gmake
 elif [[ ("$IS_SOLARIS" -ne "0") ]]; then
 	MAKE=$(which gmake 2>/dev/null | "$GREP" -v "no gmake" | head -1)
 	if [[ (-z "$MAKE") && (-e "/usr/sfw/bin/gmake") ]]; then
 		MAKE=/usr/sfw/bin/gmake
 	fi
 else
 	MAKE=make
 fi
 # We need to use the C++ compiler to determine feature availablility. Otherwise
 #   mis-detections occur on a number of platforms.
 if [[ ((-z "$CXX") || ("$CXX" == "gcc")) ]]; then
 	if [[ ("$CXX" == "gcc") ]]; then
 		CXX=g++
 	elif [[ "$IS_DARWIN" -ne "0" ]]; then
 		CXX=c++
 	elif [[ "$IS_SOLARIS" -ne "0" ]]; then
 		if [[ (-e "/opt/developerstudio12.5/bin/CC") ]]; then
 			CXX=/opt/developerstudio12.5/bin/CC
 		elif [[ (-e "/opt/solarisstudio12.4/bin/CC") ]]; then
 			CXX=/opt/solarisstudio12.4/bin/CC
 		elif [[ (-e "/opt/solarisstudio12.3/bin/CC") ]]; then
 			CXX=/opt/solarisstudio12.3/bin/CC
 		elif [[ (-e "/opt/solstudio12.2/bin/CC") ]]; then
 			CXX=/opt/solstudio12.2/bin/CC
 		elif [[ (-e "/opt/solstudio12.1/bin/CC") ]]; then
 			CXX=/opt/solstudio12.1/bin/CC
 		elif [[ (-e "/opt/solstudio12.0/bin/CC") ]]; then
 			CXX=/opt/solstudio12.0/bin/CC
 		elif [[ (! -z $(which CC 2>/dev/null | "$GREP" -v "no CC" | head -1)) ]]; then
 			CXX=$(which CC | head -1)
 		elif [[ (! -z $(which g++ 2>/dev/null | "$GREP" -v "no g++" | head -1)) ]]; then
 			CXX=$(which g++ | head -1)
 		else
 			CXX=CC
 		fi
 	elif [[ ($(which g++ 2>&1 | "$GREP" -v "no g++" | "$GREP" -i -c g++) -ne "0") ]]; then
 		CXX=g++
 	else
 		CXX=c++
 	fi
 fi
 SUN_COMPILER=$("$CXX" -V 2>&1 | "$EGREP" -i -c "CC: (Sun|Studio)")
 GCC_COMPILER=$("$CXX" --version 2>&1 | "$GREP" -i -v "clang" | "$EGREP" -i -c "(gcc|g\+\+)")
 INTEL_COMPILER=$("$CXX" --version 2>&1 | "$EGREP" -i -c "\(icc\)")
 MACPORTS_COMPILER=$("$CXX" --version 2>&1 | "$EGREP" -i -c "MacPorts")
 CLANG_COMPILER=$("$CXX" --version 2>&1 | "$EGREP" -i -c "clang")
 if [[ ("$SUN_COMPILER" -eq "0") ]]; then
 	AMD64=$("$CXX" -dM -E - </dev/null 2>/dev/null | "$EGREP" -c "(__x64_64__|__amd64__)")
 	ILP32=$("$CXX" -dM -E - </dev/null 2>/dev/null | "$EGREP" -c "(__ILP32__|__ILP32)")
 	if [[ ("$AMD64" -ne "0") && ("$ILP32" -ne "0") ]]; then
 		IS_X32=1
 	fi
 fi
 ############################################
 # CPU is logical count, memory is in MiB. Low resource boards have
 #   fewer than 4 cores and 1GB or less memory. We use this to
 #   determine if we can build in parallel without an OOM kill.
 CPU_COUNT=1
 MEM_SIZE=512
 if [[ (-e "/proc/cpuinfo") && (-e "/proc/meminfo") ]]; then
 	CPU_COUNT=$(cat /proc/cpuinfo | "$GREP" -c '^processor')
 	MEM_SIZE=$(cat /proc/meminfo | "$GREP" "MemTotal" | "$AWK" '{print $2}')
 	MEM_SIZE=$(($MEM_SIZE/1024))
 elif [[ "$IS_DARWIN" -ne "0" ]]; then
 	CPU_COUNT=$(sysctl -a 2>&1 | "$GREP" 'hw.availcpu' | "$AWK" '{print $3; exit}')
 	MEM_SIZE=$(sysctl -a 2>&1 | "$GREP" 'hw.memsize' | "$AWK" '{print $3; exit;}')
 	MEM_SIZE=$(($MEM_SIZE/1024/1024))
 elif [[ "$IS_SOLARIS" -ne "0" ]]; then
 	CPU_COUNT=$(psrinfo 2>/dev/null | wc -l | "$AWK" '{print $1}')
 	MEM_SIZE=$(prtconf 2>/dev/null | "$GREP" Memory | "$AWK" '{print $3}')
 fi
 # Some ARM devboards cannot use 'make -j N', even with multiple cores and RAM
 #  An 8-core Cubietruck Plus with 2GB RAM experiences OOM kills with '-j 2'.
 HAVE_SWAP=1
 if [[ "$IS_LINUX" -ne "0" ]]; then
 	if [[ (-e "/proc/meminfo") ]]; then
 		SWAP_SIZE=$(cat /proc/meminfo | "$GREP" "SwapTotal" | "$AWK" '{print $2}')
 		if [[ "$SWAP_SIZE" -eq "0" ]]; then
 			HAVE_SWAP=0
 		fi
 	else
 		HAVE_SWAP=0
 	fi
 fi
 if [[ ("$CPU_COUNT" -ge "2" && "$MEM_SIZE" -ge "1280" && "$HAVE_SWAP" -ne "0") ]]; then
 	if [[ ("$WANT_NICE" -eq "1") ]]; then
 		CPU_COUNT=$(echo -n "$CPU_COUNT 2" | "$AWK" '{print int($1/$2)}')
 	fi
 	MAKEARGS=(-j "$CPU_COUNT")
 fi
 ###############################################################################
 ###############################################################################
 "$MAKE" distclean &>/dev/null
 git checkout master -f &>/dev/null
 git checkout "$OLD_VERSION_TAG" -f &>/dev/null
 if [[ "$?" -ne "0" ]]; then
 	echo "Failed to checkout $OLD_VERSION_TAG"
 	exit 1
 fi
 echo
 echo "****************************************************************"
 echo "Building dynamic library for $OLD_VERSION_TAG"
 echo "****************************************************************"
 echo
 if [[ "$IS_DARWIN" -ne "0" ]]; then
 	LINK_LIBRARY=libcryptopp.dylib
 else
 	LINK_LIBRARY=libcryptopp.so
 fi
 LINK_LIBRARY="$LINK_LIBRARY" "$MAKE" "${MAKEARGS[@]}" -f GNUmakefile dynamic
 if [[ ! -f "$LINK_LIBRARY" ]]; then
 	echo "Failed to make $OLD_VERSION_TAG library"
 	exit 1
 fi
 echo
 echo "****************************************************************"
 echo "Building cryptest.exe for $OLD_VERSION_TAG"
 echo "****************************************************************"
 echo
 "$MAKE" "${MAKEARGS[@]}" -f GNUmakefile cryptest.exe
 if [[ ! -f "cryptest.exe" ]]; then
 	echo "Failed to make cryptest.exe"
 	exit 1
 fi
 echo
 echo "****************************************************************"
 echo "Running $OLD_VERSION_TAG cryptest.exe using $OLD_VERSION_TAG library"
 echo "****************************************************************"
 echo
 if [[ "$IS_DARWIN" -ne "0" ]]; then
 	DYLD_LIBRARY_PATH="$PWD:$DYLD_LIBRARY_PATH" "$PWD/cryptest.exe" v 2>&1 | "$CXXFILT"
 	DYLD_LIBRARY_PATH="$PWD:$DYLD_LIBRARY_PATH" "$PWD/cryptest.exe" tv all 2>&1 | "$CXXFILT"
 else
 	LD_LIBRARY_PATH="$PWD:$LD_LIBRARY_PATH" "$PWD/cryptest.exe" v 2>&1 | "$CXXFILT"
 	LD_LIBRARY_PATH="$PWD:$LD_LIBRARY_PATH" "$PWD/cryptest.exe" tv all 2>&1 | "$CXXFILT"
 fi
 echo
 echo "****************************************************************"
 echo "Removing dynamic library and artifacts for $OLD_VERSION_TAG"
 echo "****************************************************************"
 rm -f adhoc.cpp *.a *.o *.so *.dylib
 git checkout "$NEW_VERSION_TAG" -f &>/dev/null
 if [[ "$?" -ne "0" ]]; then
 	echo "Failed to checkout $OLD_VERSION_TAG"
 	exit 1
 fi
 echo
 echo "****************************************************************"
 echo "Building dynamic library for $NEW_VERSION_TAG"
 echo "****************************************************************"
 echo
 LINK_LIBRARY="$LINK_LIBRARY" "$MAKE" "${MAKEARGS[@]}" -f GNUmakefile dynamic
 if [[ ! -f "$LINK_LIBRARY" ]]; then
 	echo "Failed to make $NEW_VERSION_TAG library"
 	exit 1
 fi
 echo
 echo "****************************************************************"
 echo "Running $OLD_VERSION_TAG cryptest.exe using $NEW_VERSION_TAG library"
 echo "****************************************************************"
 echo
 if [[ "$IS_DARWIN" -ne "0" ]]; then
 	DYLD_LIBRARY_PATH="$PWD:$DYLD_LIBRARY_PATH" "$PWD/cryptest.exe" v 2>&1 | "$CXXFILT"
 	DYLD_LIBRARY_PATH="$PWD:$DYLD_LIBRARY_PATH" "$PWD/cryptest.exe" tv all 2>&1 | "$CXXFILT"
 else
 	LD_LIBRARY_PATH="$PWD:$LD_LIBRARY_PATH" "$PWD/cryptest.exe" v 2>&1 | "$CXXFILT"
 	LD_LIBRARY_PATH="$PWD:$LD_LIBRARY_PATH" "$PWD/cryptest.exe" tv all 2>&1 | "$CXXFILT"
 fi
 git checkout master -f &>/dev/null
 if [[ "$?" -ne "0" ]]; then
 	echo "Failed to checkout Master"
 	exit 1
 fi
 exit 0
--- a/TestScripts/cryptest-tidy.sh
+++ b/TestScripts/cryptest-tidy.sh
@ -0,0 +1,6 @@
 #!/usr/bin/env bash
 for file in $(find . -maxdepth 1 -type f -name '*.cpp'); do
    echo "Tidying $file"
    clang-tidy $file -checks=-clang-analyzer-optin.cplusplus.VirtualCall -- -std=c++03
 done
--- a/TestScripts/cryptest-windows.pl
+++ b/TestScripts/cryptest-windows.pl
@ -1,41 +0,0 @@
 #!/usr/bin/env perl
 # cryptest-windows.sh - written and placed in public domain by Jeffrey Walton and Uri Blumenthal.
 #                       Thanks to Grant McLean on Stack Overflow for help with Perl and string handling.
 #                       Copyright assigned to Crypto++ project.
 # This is a test script that can be used on some Windows machines to automate building the
 # library and running the self test with various combinations of flags, options, and conditions.
 # For more details, see http://cryptopp.com/wiki/cryptest-windows.pl.
 # To run the script, copy cryptest-windows.pl from TestScripts to the root and then perform the following:
 #     .\cryptest-windows.pl
 use strict;
 use warnings;
 # Clean previous artifacts
 system('rmdir.exe', '/q', '/s', "Win32", "x64", "ipch");
 system('nmake.exe', '/f', 'cryptest.nmake', 'clean');
 # Enable multiple jobs in Nmake
 ENV{CL}="/MP";
 # Perl and redirection appears hopelessy broke or hopelessly complex. Take your pick.
 my $LOG_FILE = "cryptest-result.txt";
 system('del.exe', '/q', "$LOG_FILE");
 # Choices include SSE2, AVX (VS2013) and AVX2 (VS2015)
 my $ARCH = "/arch:AVX";
 my $DEBUG_RUNTIME_CXXFLAG = "/MDd";
 my $RELEASE_RUNTIME_CXXFLAG = "/MD";
 my $BASE_CXXFLAGS = "/nologo /W4 /wd4511 /D_MBCS /Zi /TP /GR /EHsc /MP /fp:precise /FI sdkddkver.h";
 my $DEBUG_CXXFLAGS = "$BASE_CXXFLAGS $DEBUG_RUNTIME_CXXFLAG /DDEBUG /D_DEBUG /Oi /Oy- /Od";
 my $RELEASE_CXXFLAGS = "$BASE_CXXFLAGS $RELEASE_RUNTIME_CXXFLAG /DNDEBUG /D_NDEBUG /Oi /Oy /O2";
 my BASE_LDFLAGS = "";
 system('nmake.exe', '/f', 'cryptest.nmake', 'clean');
 my $ret = system('nmake.exe', '/f', 'cryptest.nmake', "CXXFLAGS=\"$DEBUG_CXXFLAGS $ARCH\"");
--- a/TestScripts/cryptest.sh
+++ b/TestScripts/cryptest.sh
--- a/TestScripts/governor.sh
+++ b/TestScripts/governor.sh
@ -0,0 +1,67 @@
 #!/usr/bin/env bash
 # This scripts queries and modifies CPU scaling frequencies to produce more
 # accurate benchmark results. To move from a low energy state to a higher
 # one, run 'governor.sh performance'. To move back to a low power state
 # run 'governor.sh powersave' or 'governor.sh ondemand' or reboot. The script
 # based on code by Andy Polyakov, http://www.openssl.org/~appro/cryptogams/.
 # Fixup ancient Bash
 # https://unix.stackexchange.com/q/468579/56041
 if [[ -z "${BASH_SOURCE[0]}" ]]; then
 	BASH_SOURCE="$0"
 fi
 if [[ "$EUID" -ne 0 ]]; then
    echo "This script must be run as root"
    [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 if [ "x$1" = "x" ]; then
    echo "usage: $0 on[demand]|pe[rformance]|po[wersave]|us[erspace]?"
    [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 # "on demand" may result in a "invalid write argument" or similar
 case $1 in
    on*|de*)    governor="ondemand";;
    po*|pw*)    governor="powersave";;
    pe*)        governor="performance";;
    co*)        governor="conservative";;
    us*)        governor="userspace";;
    \?)         ;;
    *)          echo "$1: unrecognized governor";;
 esac
 if [ -z "$governor" ]; then
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 cpus=$(ls /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor 2>/dev/null)
 if [ -z "$cpus" ]; then
 	echo "Failed to read CPU system device tree"
 	[[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 1 || return 1
 fi
 echo "Current CPU governor scaling settings:"
 count=0
 for cpu in $cpus; do
 	echo "  CPU $count: $(cat "$cpu")"
 	((count++))
 done
 if [ "x$governor" != "x" ]; then
    for cpu in $cpus; do
        echo "$governor" > "$cpu"
    done
 fi
 echo "New CPU governor scaling settings:"
 count=0
 for cpu in $cpus; do
 	echo "  CPU $count: $(cat "$cpu")"
 	((count++))
 done
 [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 0 || return 0
--- a/TestScripts/install-android.sh
+++ b/TestScripts/install-android.sh
@ -0,0 +1,16 @@
 #!/usr/bin/env bash
 set -e
 # install android deps
 sudo apt-get -qq update
 sudo apt-get -qq install --no-install-recommends openjdk-8-jdk unzip
 # android skd/ndk
 curl -Lo /tmp/android-sdk.zip https://dl.google.com/android/repository/sdk-tools-linux-3859397.zip
 unzip -qq /tmp/android-sdk.zip -d "$ANDROID_SDK"
 rm -f /tmp/android-sdk.zip
 echo y | "$ANDROID_SDK/tools/bin/sdkmanager" --update > /dev/null
 for package in "ndk-bundle"; do
 	echo install android $package
 	echo y | "$ANDROID_SDK/tools/bin/sdkmanager" "$package" > /dev/null
 done
--- a/TestScripts/master-merge.sh
+++ b/TestScripts/master-merge.sh
@ -1,63 +0,0 @@
 #!/usr/bin/env bash
 if [[ (-z $(git rev-parse HEAD 2>/dev/null)) ]]; then
 	echo "$PWD is not a Git repository"
 	[[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1
 fi
 current=$(git rev-parse --abbrev-ref HEAD 2>/dev/null)
 git fetch --all &>/dev/null &>/dev/null
 if [[ "$?" -ne "0" ]]; then
 	echo "git fetch --all failed"
 	[[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1
 fi
 for branch in $(git branch -a | cut -b 2- | grep "remotes/origin" | cut -f 3 -d '/' | awk '{print $1}');
 do
 	# Skip anything that looks like Master
 	if [[ ((-z "$branch") || ("$branch" = "master") || ("$branch" = "HEAD")) ]]; then
 		continue;
 	fi
 	# Skip anything that looks like a release, like CRYPTOPP_5_6_3
 	if [[ (! -z $(echo -n "$branch" | grep "CRYPTOPP_")) ]]; then
 		continue;
 	fi
 	echo "**************** $branch *******************"
 	git checkout -f "$branch" &>/dev/null
 	if [[ "$?" -ne "0" ]]; then
 		echo "git checkout $branch failed"
 		continue;
 	fi
 	git rebase "origin/$branch"
 	if [[ "$?" -ne "0" ]]; then
 		echo "git rebase $branch failed"
 		continue;
 	fi
 	git merge master -S -m "Merge branch 'master' into dev-branch '$branch'" &>/dev/null
 	if [[ "$?" -ne "0" ]]; then
 		echo "git merge $branch failed"
 		continue;
 	fi
 	git push &>/dev/null
 	if [[ "$?" -ne "0" ]]; then
 		echo "git push $branch failed"
 		continue;
 	fi
 	echo "Completed merging for '$branch'"
 done
 if [[ ! -z  "$current" ]]; then
 	git checkout "$current" &>/dev/null
 fi
 echo "Back on branch $current"
 [[ "$0" = "$BASH_SOURCE" ]] && exit 0 || return 0
--- a/TestScripts/reset-fork.sh
+++ b/TestScripts/reset-fork.sh
@ -0,0 +1,10 @@
 #!/usr/bin/env bash
 # Use this script to reset a fork to Wei Dai's master
 # https://stackoverflow.com/questions/9646167/clean-up-a-fork-and-restart-it-from-the-upstream
 git remote add upstream https://github.com/weidai11/cryptopp 2>/dev/null
 git fetch upstream
 git checkout master
 git reset --hard upstream/master
 git push origin master --force
--- a/TestScripts/setenv-android-gcc.sh
+++ b/TestScripts/setenv-android-gcc.sh
@ -0,0 +1,455 @@
 #!/usr/bin/env bash
 # ====================================================================
 # Sets the cross compile environment for Android
 # Based upon OpenSSL's setenv-android.sh (by TH, JW, and SM).
 # Updated by Skycoder42 to the latest NDK.
 # These changes are based on the current recommendations for Android
 # for their "Unified Headers". Details can be found at:
 # https://android.googlesource.com/platform/ndk.git/+/HEAD/docs/UnifiedHeaders.md
 # https://android.googlesource.com/platform/ndk/+/master/docs/PlatformApis.md
 #
 # Crypto++ Library is copyrighted as a compilation and (as of version 5.6.2)
 # licensed under the Boost Software License 1.0, while the individual files
 # in the compilation are all public domain.
 #
 # See http://www.cryptopp.com/wiki/Android_(Command_Line) for more details
 # ====================================================================
 # set -eu
 # Sanity check
 if [ "$0" = "${BASH_SOURCE[0]}" ]; then
    echo "Please source this setenv script"
    exit 0
 fi
 unset IS_CROSS_COMPILE
 unset IS_IOS
 unset IS_ANDROID
 unset IS_ARM_EMBEDDED
 # Variables used in GNUmakefile-cross
 unset AOSP_FLAGS
 unset AOSP_SYSROOT
 unset AOSP_LD_SYSROOT
 unset AOSP_SYS_ARCH_INC
 unset AOSP_STL_INC
 unset AOSP_STL_LIB
 unset AOSP_BITS_INC
 # Tools set by this script
 unset CPP CC CXX LD AS AR RANLIB STRIP
 # Similar to a "make clean"
 if [ x"${1-}" = "xunset" ]; then
    echo "Unsetting script variables. PATH may remain tainted"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 0 || return 0
 fi
 # Set AOSP_TOOLCHAIN_SUFFIX to your preference of tools and STL library.
 #   Note: 4.9 is required for the latest architectures, like ARM64/AARCH64.
 # AOSP_TOOLCHAIN_SUFFIX=4.8
 # AOSP_TOOLCHAIN_SUFFIX=4.9
 if [ -z "${AOSP_TOOLCHAIN_SUFFIX-}" ]; then
    AOSP_TOOLCHAIN_SUFFIX=4.9
 fi
 # Set AOSP_API_VERSION to the API you want to use. 'armeabi' and 'armeabi-v7a' need
 #   API 3 (or above), 'mips' and 'x86' need API 9 (or above), etc.
 # AOSP_API_VERSION="3"     # Android 1.5 and above
 # AOSP_API_VERSION="4"     # Android 1.6 and above
 # AOSP_API_VERSION="5"     # Android 2.0 and above
 # AOSP_API_VERSION="8"     # Android 2.2 and above
 # AOSP_API_VERSION="9"     # Android 2.3 and above
 # AOSP_API_VERSION="14"    # Android 4.0 and above
 # AOSP_API_VERSION="18"    # Android 4.3 and above
 # AOSP_API_VERSION="19"    # Android 4.4 and above
 # AOSP_API_VERSION="21"    # Android 5.0 and above
 # AOSP_API_VERSION="23"    # Android 6.0 and above
 if [ -z "${AOSP_API_VERSION-}" ]; then
    AOSP_API_VERSION="21"
 fi
 if [ -z "${AOSP_API-}" ]; then
    AOSP_API="android-${AOSP_API_VERSION}"
 else
    echo "WARNING: Using AOSP_API has been deprecated. Please use AOSP_API_VERSION instead."
    echo "If you set for example AOSP_API=android-23 then now instead set AOSP_API_VERSION=23"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 #####################################################################
 # ANDROID_NDK_ROOT should always be set by the user (even when not running this script)
 #   http://groups.google.com/group/android-ndk/browse_thread/thread/a998e139aca71d77.
 # If the user did not specify the NDK location, try and pick it up. We expect something
 #   like ANDROID_NDK_ROOT=/opt/android-ndk-r10e or ANDROID_NDK_ROOT=/usr/local/android-ndk-r10e.
 if [ -z "${ANDROID_NDK_ROOT-}" ]; then
    ANDROID_NDK_ROOT=$(find /opt -maxdepth 1 -type d -name android-ndk* 2>/dev/null | tail -1)
    if [ -z "$ANDROID_NDK_ROOT" ]; then
        ANDROID_NDK_ROOT=$(find /usr/local -maxdepth 1 -type d -name android-ndk* 2>/dev/null | tail -1)
    fi
    if [ -z "$ANDROID_NDK_ROOT" ]; then
        ANDROID_NDK_ROOT=$(find $HOME -maxdepth 1 -type d -name android-ndk* 2>/dev/null | tail -1)
    fi
    if [ -d "$HOME/Library/Android/sdk/ndk-bundle" ]; then
        ANDROID_NDK_ROOT="$HOME/Library/Android/sdk/ndk-bundle"
    fi
 fi
 # Error checking
 if [ ! -d "$ANDROID_NDK_ROOT/toolchains" ]; then
    echo "ERROR: ANDROID_NDK_ROOT is not a valid path. Please set it."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 #####################################################################
 if [ "$#" -lt 1 ]; then
    THE_ARCH=armv7a-neon
 else
    THE_ARCH=$(tr [A-Z] [a-z] <<< "$1")
 fi
 # https://developer.android.com/ndk/guides/abis.html
 case "$THE_ARCH" in
  arm|armv5|armv6|armv7|armeabi)
    TOOLCHAIN_ARCH="arm-linux-androideabi"
    TOOLCHAIN_NAME="arm-linux-androideabi"
    AOSP_ABI="armeabi"
    AOSP_ARCH="arch-arm"
    AOSP_FLAGS="-march=armv5te -mtune=xscale -mthumb -msoft-float -DCRYPTOPP_DISABLE_ASM -funwind-tables -fexceptions -frtti"
    ;;
  armv7a|armv7-a|armeabi-v7a)
    TOOLCHAIN_ARCH="arm-linux-androideabi"
    TOOLCHAIN_NAME="arm-linux-androideabi"
    AOSP_ABI="armeabi-v7a"
    AOSP_ARCH="arch-arm"
    AOSP_FLAGS="-march=armv7-a -mthumb -mfpu=vfpv3-d16 -mfloat-abi=softfp -DCRYPTOPP_DISABLE_ASM -Wl,--fix-cortex-a8 -funwind-tables -fexceptions -frtti"
    ;;
  hard|armv7a-hard|armeabi-v7a-hard)
    echo hard, armv7a-hard and armeabi-v7a-hard are not supported, as android uses softfloats
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
    #TOOLCHAIN_ARCH="arm-linux-androideabi"
    #TOOLCHAIN_NAME="arm-linux-androideabi"
    #AOSP_ABI="armeabi-v7a"
    #AOSP_ARCH="arch-arm"
    #AOSP_FLAGS="-mhard-float -D_NDK_MATH_NO_SOFTFP=1 -march=armv7-a -mfpu=vfpv3-d16 -DCRYPTOPP_DISABLE_ASM -mfloat-abi=softfp -Wl,--fix-cortex-a8 -funwind-tables -fexceptions -frtti -Wl,--no-warn-mismatch -Wl,-lm_hard"
    ;;
  neon|armv7a-neon)
    TOOLCHAIN_ARCH="arm-linux-androideabi"
    TOOLCHAIN_NAME="arm-linux-androideabi"
    AOSP_ABI="armeabi-v7a"
    AOSP_ARCH="arch-arm"
    AOSP_FLAGS="-march=armv7-a -mfpu=neon -mfloat-abi=softfp -Wl,--fix-cortex-a8 -funwind-tables -fexceptions -frtti"
    ;;
  armv8|armv8a|aarch64|arm64|arm64-v8a)
    TOOLCHAIN_ARCH="aarch64-linux-android"
    TOOLCHAIN_NAME="aarch64-linux-android"
    AOSP_ABI="arm64-v8a"
    AOSP_ARCH="arch-arm64"
    AOSP_FLAGS="-funwind-tables -fexceptions -frtti"
    ;;
  mips|mipsel)
    TOOLCHAIN_ARCH="mipsel-linux-android"
    TOOLCHAIN_NAME="mipsel-linux-android"
    AOSP_ABI="mips"
    AOSP_ARCH="arch-mips"
    AOSP_FLAGS="-funwind-tables -fexceptions -frtti"
    ;;
  mips64|mipsel64|mips64el)
    TOOLCHAIN_ARCH="mips64el-linux-android"
    TOOLCHAIN_NAME="mips64el-linux-android"
    AOSP_ABI="mips64"
    AOSP_ARCH="arch-mips64"
    AOSP_FLAGS="-funwind-tables -fexceptions -frtti"
    ;;
  x86)
    TOOLCHAIN_ARCH="x86"
    TOOLCHAIN_NAME="i686-linux-android"
    AOSP_ABI="x86"
    AOSP_ARCH="arch-x86"
    AOSP_FLAGS="-mtune=intel -mssse3 -mfpmath=sse -funwind-tables -fexceptions -frtti"
    ;;
  x86_64|x64)
    TOOLCHAIN_ARCH="x86_64"
    TOOLCHAIN_NAME="x86_64-linux-android"
    AOSP_ABI="x86_64"
    AOSP_ARCH="arch-x86_64"
    AOSP_FLAGS="-march=x86-64 -msse4.2 -mpopcnt -mtune=intel -funwind-tables -fexceptions -frtti"
    ;;
  *)
    echo "ERROR: Unknown architecture $1"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
    ;;
 esac
 #####################################################################
 # add missing android API version flag as of https://android.googlesource.com/platform/ndk.git/+/HEAD/docs/UnifiedHeaders.md
 AOSP_FLAGS="-D__ANDROID_API__=$AOSP_API_VERSION $AOSP_FLAGS"
 # GNUmakefile-cross expects these to be set. They are also used in the tests below.
 export IS_ANDROID=1
 export AOSP_FLAGS
 export CPP="$TOOLCHAIN_NAME-cpp"
 export CC="$TOOLCHAIN_NAME-gcc"
 export CXX="$TOOLCHAIN_NAME-g++"
 export LD="$TOOLCHAIN_NAME-ld"
 export AS="$TOOLCHAIN_NAME-as"
 export AR="$TOOLCHAIN_NAME-ar"
 export RANLIB="$TOOLCHAIN_NAME-ranlib"
 export STRIP="$TOOLCHAIN_NAME-strip"
 export AOSP_SYS_ARCH_INC="$ANDROID_NDK_ROOT/sysroot/usr/include/$TOOLCHAIN_NAME"
 #####################################################################
 # Based on ANDROID_NDK_ROOT, try and pick up the path for the tools. We expect something
 # like /opt/android-ndk-r10e/toolchains/arm-linux-androideabi-4.7/prebuilt/linux-x86_64/bin
 # Once we locate the tools, we add it to the PATH.
 AOSP_TOOLCHAIN_PATH=""
 for host in "linux-x86_64" "darwin-x86_64" "linux-x86" "darwin-x86"
 do
    if [ -d "$ANDROID_NDK_ROOT/toolchains/$TOOLCHAIN_ARCH-$AOSP_TOOLCHAIN_SUFFIX/prebuilt/$host/bin" ]; then
        AOSP_TOOLCHAIN_PATH="$ANDROID_NDK_ROOT/toolchains/$TOOLCHAIN_ARCH-$AOSP_TOOLCHAIN_SUFFIX/prebuilt/$host/bin"
        break
    fi
 done
 # Error checking
 if [ -z "$AOSP_TOOLCHAIN_PATH" ] || [ ! -d "$AOSP_TOOLCHAIN_PATH" ]; then
    echo "ERROR: AOSP_TOOLCHAIN_PATH is not valid. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$CPP" ]; then
    echo "ERROR: Failed to find Android cpp. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$CC" ]; then
    echo "ERROR: Failed to find Android gcc. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$CXX" ]; then
    echo "ERROR: Failed to find Android g++. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$RANLIB" ]; then
    echo "ERROR: Failed to find Android ranlib. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$AR" ]; then
    echo "ERROR: Failed to find Android ar. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$AS" ]; then
    echo "ERROR: Failed to find Android as. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$LD" ]; then
    echo "ERROR: Failed to find Android ld. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Only modify/export PATH if AOSP_TOOLCHAIN_PATH good
 if [ -d "$AOSP_TOOLCHAIN_PATH" ]; then
    # And only modify PATH if AOSP_TOOLCHAIN_PATH is not present
    LEN=${#AOSP_TOOLCHAIN_PATH}
    SUBSTR=${PATH:0:$LEN}
    if [ "$SUBSTR" != "$AOSP_TOOLCHAIN_PATH" ]; then
        export PATH="$AOSP_TOOLCHAIN_PATH":"$PATH"
    fi
 fi
 #####################################################################
 # Error checking
 if [ ! -d "$ANDROID_NDK_ROOT/platforms/$AOSP_API" ]; then
    echo "ERROR: AOSP_API is not valid. Does the NDK support the API? Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 elif [ ! -d "$ANDROID_NDK_ROOT/platforms/$AOSP_API/$AOSP_ARCH" ]; then
    echo "ERROR: AOSP_ARCH is not valid. Does the NDK support the architecture? Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Android SYSROOT. It will be used on the command line with --sysroot
 #   http://android.googlesource.com/platform/ndk/+/ics-mr0/docs/STANDALONE-TOOLCHAIN.html
 export AOSP_SYSROOT="$ANDROID_NDK_ROOT/sysroot"
 export AOSP_LD_SYSROOT="$ANDROID_NDK_ROOT/platforms/$AOSP_API/$AOSP_ARCH"
 #####################################################################
 # Android STL. We support GNU, LLVM and STLport out of the box.
 if [ "$#" -lt 2 ]; then
    THE_STL=gnu-shared
 else
    THE_STL=$(tr [A-Z] [a-z] <<< "$2")
 fi
 # LLVM include directory may be different depending on NDK version. Default to new location (latest NDK checked: r16beta1).
 LLVM_INCLUDE_DIR="$ANDROID_NDK_ROOT/sources/cxx-stl/llvm-libc++/include"
 if [ ! -d "$LLVM_INCLUDE_DIR" ]; then
    LLVM_INCLUDE_DIR="$ANDROID_NDK_ROOT/sources/cxx-stl/llvm-libc++/libcxx/include"
 fi
 case "$THE_STL" in
  stlport-static)
    AOSP_STL_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/stlport/stlport/"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/stlport/libs/$AOSP_ABI/libstlport_static.a"
    ;;
  stlport|stlport-shared)
    AOSP_STL_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/stlport/stlport/"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/stlport/libs/$AOSP_ABI/libstlport_shared.so"
    ;;
  gabi++-static|gnu-static)
    AOSP_STL_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/include"
    AOSP_BITS_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/libs/$AOSP_ABI/include"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/libs/$AOSP_ABI/libgnustl_static.a"
    ;;
  gnu|gabi++|gnu-shared|gabi++-shared)
    AOSP_STL_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/include"
    AOSP_BITS_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/libs/$AOSP_ABI/include"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/libs/$AOSP_ABI/libgnustl_shared.so"
    ;;
  llvm-static)
    echo WARNING: llvm is still in experimental state and migth not work as expected
    if [ ! -d "$LLVM_INCLUDE_DIR" ]; then
        echo "ERROR: Unable to locate include LLVM directory at $LLVM_INCLUDE_DIR -- has it moved since NDK r16beta1?"
        [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
    fi
    AOSP_STL_INC="$LLVM_INCLUDE_DIR"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/llvm-libc++/libs/$AOSP_ABI/libc++_static.a"
    ;;
  llvm|llvm-shared)
    echo WARNING: llvm is still in experimental state and migth not work as expected
    if [ ! -d "$LLVM_INCLUDE_DIR" ]; then
        echo "ERROR: Unable to locate LLVM include directory at $LLVM_INCLUDE_DIR -- has it moved since NDK r16beta1?"
        [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
    fi
    AOSP_STL_INC="$LLVM_INCLUDE_DIR"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/llvm-libc++/libs/$AOSP_ABI/libc++_shared.so"
    ;;
  *)
    echo "ERROR: Unknown STL library $2"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 esac
 # Error checking
 if [ ! -d "$AOSP_STL_INC" ] || [ ! -e "$AOSP_STL_INC/memory" ]; then
    echo "ERROR: AOSP_STL_INC is not valid. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_STL_LIB" ]; then
    echo "ERROR: AOSP_STL_LIB is not valid. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 export AOSP_STL_INC
 export AOSP_STL_LIB
 if [ ! -z "$AOSP_BITS_INC" ]; then
    export AOSP_BITS_INC
 fi
 # Now that we are using cpu-features from Android rather than CPU probing, we
 # need to copy cpu-features.h and cpu-features.c from the NDK into our source
 # directory and then build it.
 if [[ ! -e "$ANDROID_NDK_ROOT/sources/android/cpufeatures/cpu-features.h" ]]; then
    echo "ERROR: Unable to locate cpu-features.h"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 cp "$ANDROID_NDK_ROOT/sources/android/cpufeatures/cpu-features.h" .
 if [[ ! -e "$ANDROID_NDK_ROOT/sources/android/cpufeatures/cpu-features.c" ]]; then
    echo "ERROR: Unable to locate cpu-features.c"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 cp "$ANDROID_NDK_ROOT/sources/android/cpufeatures/cpu-features.c" .
 #####################################################################
 VERBOSE=1
 if [ ! -z "$VERBOSE" ] && [ "$VERBOSE" != "0" ]; then
  echo "ANDROID_NDK_ROOT: $ANDROID_NDK_ROOT"
  echo "AOSP_TOOLCHAIN_PATH: $AOSP_TOOLCHAIN_PATH"
  echo "AOSP_ABI: $AOSP_ABI"
  echo "AOSP_API: $AOSP_API"
  echo "AOSP_SYSROOT: $AOSP_SYSROOT"
  echo "AOSP_LD_SYSROOT: $AOSP_LD_SYSROOT"
  echo "AOSP_FLAGS: $AOSP_FLAGS"
  echo "AOSP_SYS_ARCH_INC: $AOSP_SYS_ARCH_INC"
  echo "AOSP_STL_INC: $AOSP_STL_INC"
  echo "AOSP_STL_LIB: $AOSP_STL_LIB"
  if [ ! -z "$AOSP_BITS_INC" ]; then
    echo "AOSP_BITS_INC: $AOSP_BITS_INC"
  fi
  if [ -e "cpu-features.h" ] && [ -e "cpu-features.c" ]; then
    echo "CPU FEATURES: cpu-features.h and cpu-features.c are present"
  fi
 fi
 #####################################################################
 COUNT=$(echo -n "$AOSP_STL_LIB" | egrep -i -c 'libstdc\+\+')
 if [[ ("$COUNT" -ne "0") ]]; then
    echo
    echo "*******************************************************************************"
    echo "You are using GNU's runtime and STL library. Please ensure the resulting"
    echo "binary meets licensing requirements. If you can't use GNU's runtime"
    echo "and STL library, then reconfigure with stlport or llvm. Also see"
    echo "http://code.google.com/p/android/issues/detail?id=216331"
    echo "*******************************************************************************"
 fi
 COUNT=$(echo -n "$AOSP_STL_LIB" | grep -i -c 'libstlport')
 if [[ ("$COUNT" -ne "0") ]]; then
    echo
    echo "*******************************************************************************"
    echo "You are using STLport's runtime and STL library. STLport could cause problems"
    echo "if the resulting binary is used in other environments, like a QT project."
    echo "Also see http://code.google.com/p/android/issues/detail?id=216331"
    echo "*******************************************************************************"
 fi
 COUNT=$(echo -n "$AOSP_STL_LIB" | egrep -i -c 'libc\+\+')
 if [[ ("$COUNT" -ne "0") ]]; then
    echo
    echo "*******************************************************************************"
    echo "You are using LLVM's runtime and STL library. LLVM could cause problems"
    echo "if the resulting binary is used in other environments, like a QT project."
    echo "Also see http://code.google.com/p/android/issues/detail?id=216331"
    echo "*******************************************************************************"
 fi
 echo
 echo "*******************************************************************************"
 echo "It looks the the environment is set correctly. Your next step is build"
 echo "the library with 'make -f GNUmakefile-cross'. You can create a versioned"
 echo "shared object using 'HAS_SOLIB_VERSION=1 make -f GNUmakefile-cross'"
 echo "*******************************************************************************"
 echo
 [ "$0" = "${BASH_SOURCE[0]}" ] && exit 0 || return 0
--- a/TestScripts/setenv-android-old.sh
+++ b/TestScripts/setenv-android-old.sh
@ -0,0 +1,436 @@
 #!/usr/bin/env bash
 # ====================================================================
 # Sets the cross compile environment for Android
 # Based upon OpenSSL's setenv-android.sh (by TH, JW, and SM).
 #
 # Crypto++ Library is copyrighted as a compilation and (as of version 5.6.2)
 # licensed under the Boost Software License 1.0, while the individual files
 # in the compilation are all public domain.
 #
 # This script is the one used from about 2012 until late 2017. Sometime in
 # 2017 AOSP made some NDK changes that were incompatible with the original
 # script. The original setenv-android.sh was renamed to setenv-android-old.sh,
 # and it can be used on older NDKs like r9 or r13. setenv-android.sh was then
 # reworked for newer NDKs, like r16. setenv-android.sh effectively supports
 # the latest NDKs. Also see https://github.com/weidai11/cryptopp/pull/546.
 #
 # See http://www.cryptopp.com/wiki/Android_(Command_Line) for more details
 # ====================================================================
 # set -eu
 # Sanity check
 if [ "$0" = "${BASH_SOURCE[0]}" ]; then
    echo "Please source this setenv script"
    exit 0
 fi
 unset IS_CROSS_COMPILE
 unset IS_IOS
 unset IS_ANDROID
 unset IS_ARM_EMBEDDED
 # Variables used in GNUmakefile-cross
 unset AOSP_FLAGS
 unset AOSP_SYSROOT
 unset AOSP_STL_INC
 unset AOSP_STL_LIB
 unset AOSP_BITS_INC
 # Tools set by this script
 unset CPP CC CXX LD AS AR RANLIB STRIP
 # Similar to a "make clean"
 if [ x"${1-}" = "xunset" ]; then
    echo "Unsetting script variables. PATH may remain tainted"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 0 || return 0
 fi
 # Set AOSP_TOOLCHAIN_SUFFIX to your preference of tools and STL library.
 #   Note: 4.9 is required for the latest architectures, like ARM64/AARCH64.
 # AOSP_TOOLCHAIN_SUFFIX=4.8
 # AOSP_TOOLCHAIN_SUFFIX=4.9
 if [ -z "${AOSP_TOOLCHAIN_SUFFIX-}" ]; then
    AOSP_TOOLCHAIN_SUFFIX=4.9
 fi
 # Set AOSP_API to the API you want to use. 'armeabi' and 'armeabi-v7a' need
 #   API 3 (or above), 'mips' and 'x86' need API 9 (or above), etc.
 # AOSP_API="android-3"     # Android 1.5 and above
 # AOSP_API="android-4"     # Android 1.6 and above
 # AOSP_API="android-5"     # Android 2.0 and above
 # AOSP_API="android-8"     # Android 2.2 and above
 # AOSP_API="android-9"     # Android 2.3 and above
 # AOSP_API="android-14"    # Android 4.0 and above
 # AOSP_API="android-18"    # Android 4.3 and above
 # AOSP_API="android-19"    # Android 4.4 and above
 # AOSP_API="android-21"    # Android 5.0 and above
 # AOSP_API="android-23"    # Android 6.0 and above
 if [ -z "${AOSP_API-}" ]; then
    AOSP_API="android-21"
 fi
 #####################################################################
 # ANDROID_NDK_ROOT should always be set by the user (even when not running this script)
 #   http://groups.google.com/group/android-ndk/browse_thread/thread/a998e139aca71d77.
 # If the user did not specify the NDK location, try and pick it up. We expect something
 #   like ANDROID_NDK_ROOT=/opt/android-ndk-r10e or ANDROID_NDK_ROOT=/usr/local/android-ndk-r10e.
 if [ -z "${ANDROID_NDK_ROOT-}" ]; then
    ANDROID_NDK_ROOT=$(find /opt -maxdepth 1 -type d -name android-ndk* 2>/dev/null | tail -1)
    if [ -z "$ANDROID_NDK_ROOT" ]; then
        ANDROID_NDK_ROOT=$(find /usr/local -maxdepth 1 -type d -name android-ndk* 2>/dev/null | tail -1)
    fi
    if [ -z "$ANDROID_NDK_ROOT" ]; then
        ANDROID_NDK_ROOT=$(find $HOME -maxdepth 1 -type d -name android-ndk* 2>/dev/null | tail -1)
    fi
    if [ -d "$HOME/Library/Android/sdk/ndk-bundle" ]; then
        ANDROID_NDK_ROOT="$HOME/Library/Android/sdk/ndk-bundle"
    fi
 fi
 # Error checking
 if [ ! -d "$ANDROID_NDK_ROOT/toolchains" ]; then
    echo "ERROR: ANDROID_NDK_ROOT is not a valid path. Please set it."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 #####################################################################
 if [ "$#" -lt 1 ]; then
    THE_ARCH=armv7a-neon
 else
    THE_ARCH=$(tr [A-Z] [a-z] <<< "$1")
 fi
 # https://developer.android.com/ndk/guides/abis.html
 case "$THE_ARCH" in
  arm|armv5|armv6|armv7|armeabi)
    TOOLCHAIN_ARCH="arm-linux-androideabi"
    TOOLCHAIN_NAME="arm-linux-androideabi"
    AOSP_ABI="armeabi"
    AOSP_ARCH="arch-arm"
    AOSP_FLAGS="-march=armv5te -mtune=xscale -mthumb -msoft-float -DCRYPTOPP_DISABLE_ASM -funwind-tables -fexceptions -frtti"
    ;;
  armv7a|armv7-a|armeabi-v7a)
    TOOLCHAIN_ARCH="arm-linux-androideabi"
    TOOLCHAIN_NAME="arm-linux-androideabi"
    AOSP_ABI="armeabi-v7a"
    AOSP_ARCH="arch-arm"
    AOSP_FLAGS="-march=armv7-a -mthumb -mfpu=vfpv3-d16 -mfloat-abi=softfp -DCRYPTOPP_DISABLE_ASM -Wl,--fix-cortex-a8 -funwind-tables -fexceptions -frtti"
    ;;
  hard|armv7a-hard|armeabi-v7a-hard)
    TOOLCHAIN_ARCH="arm-linux-androideabi"
    TOOLCHAIN_NAME="arm-linux-androideabi"
    AOSP_ABI="armeabi-v7a"
    AOSP_ARCH="arch-arm"
    AOSP_FLAGS="-mhard-float -D_NDK_MATH_NO_SOFTFP=1 -march=armv7-a -mfpu=vfpv3-d16 -DCRYPTOPP_DISABLE_ASM -mfloat-abi=softfp -Wl,--fix-cortex-a8 -funwind-tables -fexceptions -frtti -Wl,--no-warn-mismatch -Wl,-lm_hard"
    ;;
  neon|armv7a-neon)
    TOOLCHAIN_ARCH="arm-linux-androideabi"
    TOOLCHAIN_NAME="arm-linux-androideabi"
    AOSP_ABI="armeabi-v7a"
    AOSP_ARCH="arch-arm"
    AOSP_FLAGS="-march=armv7-a -mfpu=neon -mfloat-abi=softfp -Wl,--fix-cortex-a8 -funwind-tables -fexceptions -frtti"
    ;;
  armv8|armv8a|aarch64|arm64|arm64-v8a)
    TOOLCHAIN_ARCH="aarch64-linux-android"
    TOOLCHAIN_NAME="aarch64-linux-android"
    AOSP_ABI="arm64-v8a"
    AOSP_ARCH="arch-arm64"
    AOSP_FLAGS="-funwind-tables -fexceptions -frtti"
    ;;
  mips|mipsel)
    TOOLCHAIN_ARCH="mipsel-linux-android"
    TOOLCHAIN_NAME="mipsel-linux-android"
    AOSP_ABI="mips"
    AOSP_ARCH="arch-mips"
    AOSP_FLAGS="-funwind-tables -fexceptions -frtti"
    ;;
  mips64|mipsel64|mips64el)
    TOOLCHAIN_ARCH="mips64el-linux-android"
    TOOLCHAIN_NAME="mips64el-linux-android"
    AOSP_ABI="mips64"
    AOSP_ARCH="arch-mips64"
    AOSP_FLAGS="-funwind-tables -fexceptions -frtti"
    ;;
  x86)
    TOOLCHAIN_ARCH="x86"
    TOOLCHAIN_NAME="i686-linux-android"
    AOSP_ABI="x86"
    AOSP_ARCH="arch-x86"
    AOSP_FLAGS="-mtune=intel -mssse3 -mfpmath=sse -funwind-tables -fexceptions -frtti"
    ;;
  x86_64|x64)
    TOOLCHAIN_ARCH="x86_64"
    TOOLCHAIN_NAME="x86_64-linux-android"
    AOSP_ABI="x86_64"
    AOSP_ARCH="arch-x86_64"
    AOSP_FLAGS="-march=x86-64 -msse4.2 -mpopcnt -mtune=intel -funwind-tables -fexceptions -frtti"
    ;;
  *)
    echo "ERROR: Unknown architecture $1"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
    ;;
 esac
 #####################################################################
 # GNUmakefile-cross expects these to be set. They are also used in the tests below.
 export IS_ANDROID=1
 export AOSP_FLAGS
 export CPP="$TOOLCHAIN_NAME-cpp"
 export CC="$TOOLCHAIN_NAME-gcc"
 export CXX="$TOOLCHAIN_NAME-g++"
 export LD="$TOOLCHAIN_NAME-ld"
 export AS="$TOOLCHAIN_NAME-as"
 export AR="$TOOLCHAIN_NAME-ar"
 export RANLIB="$TOOLCHAIN_NAME-ranlib"
 export STRIP="$TOOLCHAIN_NAME-strip"
 #####################################################################
 # Based on ANDROID_NDK_ROOT, try and pick up the path for the tools. We expect something
 # like /opt/android-ndk-r10e/toolchains/arm-linux-androideabi-4.7/prebuilt/linux-x86_64/bin
 # Once we locate the tools, we add it to the PATH.
 AOSP_TOOLCHAIN_PATH=""
 for host in "linux-x86_64" "darwin-x86_64" "linux-x86" "darwin-x86"
 do
    if [ -d "$ANDROID_NDK_ROOT/toolchains/$TOOLCHAIN_ARCH-$AOSP_TOOLCHAIN_SUFFIX/prebuilt/$host/bin" ]; then
        AOSP_TOOLCHAIN_PATH="$ANDROID_NDK_ROOT/toolchains/$TOOLCHAIN_ARCH-$AOSP_TOOLCHAIN_SUFFIX/prebuilt/$host/bin"
        break
    fi
 done
 # Error checking
 if [ -z "$AOSP_TOOLCHAIN_PATH" ] || [ ! -d "$AOSP_TOOLCHAIN_PATH" ]; then
    echo "ERROR: AOSP_TOOLCHAIN_PATH is not valid. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$CPP" ]; then
    echo "ERROR: Failed to find Android cpp. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$CC" ]; then
    echo "ERROR: Failed to find Android gcc. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$CXX" ]; then
    echo "ERROR: Failed to find Android g++. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$RANLIB" ]; then
    echo "ERROR: Failed to find Android ranlib. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$AR" ]; then
    echo "ERROR: Failed to find Android ar. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$AS" ]; then
    echo "ERROR: Failed to find Android as. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_TOOLCHAIN_PATH/$LD" ]; then
    echo "ERROR: Failed to find Android ld. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Only modify/export PATH if AOSP_TOOLCHAIN_PATH good
 if [ -d "$AOSP_TOOLCHAIN_PATH" ]; then
    # And only modify PATH if AOSP_TOOLCHAIN_PATH is not present
    LEN=${#AOSP_TOOLCHAIN_PATH}
    SUBSTR=${PATH:0:$LEN}
    if [ "$SUBSTR" != "$AOSP_TOOLCHAIN_PATH" ]; then
        export PATH="$AOSP_TOOLCHAIN_PATH":"$PATH"
    fi
 fi
 #####################################################################
 # Error checking
 if [ ! -d "$ANDROID_NDK_ROOT/platforms/$AOSP_API" ]; then
    echo "ERROR: AOSP_API is not valid. Does the NDK support the API? Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 elif [ ! -d "$ANDROID_NDK_ROOT/platforms/$AOSP_API/$AOSP_ARCH" ]; then
    echo "ERROR: AOSP_ARCH is not valid. Does the NDK support the architecture? Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Android SYSROOT. It will be used on the command line with --sysroot
 #   http://android.googlesource.com/platform/ndk/+/ics-mr0/docs/STANDALONE-TOOLCHAIN.html
 export AOSP_SYSROOT="$ANDROID_NDK_ROOT/platforms/$AOSP_API/$AOSP_ARCH"
 #####################################################################
 # Android STL. We support GNU, LLVM and STLport out of the box.
 if [ "$#" -lt 2 ]; then
    THE_STL=gnu-shared
 else
    THE_STL=$(tr [A-Z] [a-z] <<< "$2")
 fi
 # LLVM include directory may be different depending on NDK version. Default to new location (latest NDK checked: r16beta1).
 LLVM_INCLUDE_DIR="$ANDROID_NDK_ROOT/sources/cxx-stl/llvm-libc++/include"
 if [ ! -d "$LLVM_INCLUDE_DIR" ]; then
    LLVM_INCLUDE_DIR="$ANDROID_NDK_ROOT/sources/cxx-stl/llvm-libc++/libcxx/include"
 fi
 case "$THE_STL" in
  stlport-static)
    AOSP_STL_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/stlport/stlport/"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/stlport/libs/$AOSP_ABI/libstlport_static.a"
    ;;
  stlport|stlport-shared)
    AOSP_STL_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/stlport/stlport/"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/stlport/libs/$AOSP_ABI/libstlport_shared.so"
    ;;
  gabi++-static|gnu-static)
    AOSP_STL_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/include"
    AOSP_BITS_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/libs/$AOSP_ABI/include"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/libs/$AOSP_ABI/libgnustl_static.a"
    ;;
  gnu|gabi++|gnu-shared|gabi++-shared)
    AOSP_STL_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/include"
    AOSP_BITS_INC="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/libs/$AOSP_ABI/include"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/gnu-libstdc++/$AOSP_TOOLCHAIN_SUFFIX/libs/$AOSP_ABI/libgnustl_shared.so"
    ;;
  llvm-static)
      if [ ! -d "$LLVM_INCLUDE_DIR" ]; then
        echo "ERROR: Unable to locate include LLVM directory at $LLVM_INCLUDE_DIR -- has it moved since NDK r16beta1?"
        [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
    fi
    AOSP_STL_INC="$LLVM_INCLUDE_DIR"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/llvm-libc++/libs/$AOSP_ABI/libc++_static.a"
    ;;
  llvm|llvm-shared)
      if [ ! -d "$LLVM_INCLUDE_DIR" ]; then
        echo "ERROR: Unable to locate LLVM include directory at $LLVM_INCLUDE_DIR -- has it moved since NDK r16beta1?"
        [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
    fi
    AOSP_STL_INC="$LLVM_INCLUDE_DIR"
    AOSP_STL_LIB="$ANDROID_NDK_ROOT/sources/cxx-stl/llvm-libc++/libs/$AOSP_ABI/libc++_shared.so"
    ;;
  *)
    echo "ERROR: Unknown STL library $2"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 esac
 # Error checking
 if [ ! -d "$AOSP_STL_INC" ] || [ ! -e "$AOSP_STL_INC/memory" ]; then
    echo "ERROR: AOSP_STL_INC is not valid. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Error checking
 if [ ! -e "$AOSP_STL_LIB" ]; then
    echo "ERROR: AOSP_STL_LIB is not valid. Please edit this script."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 export AOSP_STL_INC
 export AOSP_STL_LIB
 if [ ! -z "$AOSP_BITS_INC" ]; then
    export AOSP_BITS_INC
 fi
 # Now that we are using cpu-features from Android rather than CPU probing, we
 # need to copy cpu-features.h and cpu-features.c from the NDK into our source
 # directory and then build it.
 if [[ ! -e "$ANDROID_NDK_ROOT/sources/android/cpufeatures/cpu-features.h" ]]; then
    echo "ERROR: Unable to locate cpu-features.h"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 cp "$ANDROID_NDK_ROOT/sources/android/cpufeatures/cpu-features.h" .
 if [[ ! -e "$ANDROID_NDK_ROOT/sources/android/cpufeatures/cpu-features.c" ]]; then
    echo "ERROR: Unable to locate cpu-features.c"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 cp "$ANDROID_NDK_ROOT/sources/android/cpufeatures/cpu-features.c" .
 #####################################################################
 VERBOSE=1
 if [ ! -z "$VERBOSE" ] && [ "$VERBOSE" != "0" ]; then
  echo "ANDROID_NDK_ROOT: $ANDROID_NDK_ROOT"
  echo "AOSP_TOOLCHAIN_PATH: $AOSP_TOOLCHAIN_PATH"
  echo "AOSP_ABI: $AOSP_ABI"
  echo "AOSP_API: $AOSP_API"
  echo "AOSP_SYSROOT: $AOSP_SYSROOT"
  echo "AOSP_FLAGS: $AOSP_FLAGS"
  echo "AOSP_STL_INC: $AOSP_STL_INC"
  echo "AOSP_STL_LIB: $AOSP_STL_LIB"
  if [ ! -z "$AOSP_BITS_INC" ]; then
    echo "AOSP_BITS_INC: $AOSP_BITS_INC"
  fi
  if [ -e "cpu-features.h" ] && [ -e "cpu-features.c" ]; then
    echo "CPU FEATURES: cpu-features.h and cpu-features.c are present"
  fi
 fi
 #####################################################################
 COUNT=$(echo -n "$AOSP_STL_LIB" | egrep -i -c 'libstdc\+\+')
 if [[ ("$COUNT" -ne "0") ]]; then
    echo
    echo "*******************************************************************************"
    echo "You are using GNU's runtime and STL library. Please ensure the resulting"
    echo "binary meets licensing requirements. If you can't use GNU's runtime"
    echo "and STL library, then reconfigure with stlport or llvm. Also see"
    echo "http://code.google.com/p/android/issues/detail?id=216331"
    echo "*******************************************************************************"
 fi
 COUNT=$(echo -n "$AOSP_STL_LIB" | grep -i -c 'libstlport')
 if [[ ("$COUNT" -ne "0") ]]; then
    echo
    echo "*******************************************************************************"
    echo "You are using STLport's runtime and STL library. STLport could cause problems"
    echo "if the resulting binary is used in other environments, like a QT project."
    echo "Also see http://code.google.com/p/android/issues/detail?id=216331"
    echo "*******************************************************************************"
 fi
 COUNT=$(echo -n "$AOSP_STL_LIB" | egrep -i -c 'libc\+\+')
 if [[ ("$COUNT" -ne "0") ]]; then
    echo
    echo "*******************************************************************************"
    echo "You are using LLVM's runtime and STL library. LLVM could cause problems"
    echo "if the resulting binary is used in other environments, like a QT project."
    echo "Also see http://code.google.com/p/android/issues/detail?id=216331"
    echo "*******************************************************************************"
 fi
 echo
 echo "*******************************************************************************"
 echo "It looks the the environment is set correctly. Your next step is build"
 echo "the library with 'make -f GNUmakefile-cross'. You can create a versioned"
 echo "shared object using 'HAS_SOLIB_VERSION=1 make -f GNUmakefile-cross'"
 echo "*******************************************************************************"
 echo
 [ "$0" = "${BASH_SOURCE[0]}" ] && exit 0 || return 0
--- a/TestScripts/setenv-embedded.sh
+++ b/TestScripts/setenv-embedded.sh
@ -0,0 +1,151 @@
 #!/usr/bin/env bash
 # ====================================================================
 # Sets the cross compile environment for ARM Embedded
 #
 # Written by Jeffrey Walton, noloader gmail account
 #
 # Crypto++ Library is copyrighted as a compilation and (as of version 5.6.2)
 # licensed under the Boost Software License 1.0, while the individual files
 # in the compilation are all public domain.
 #
 # This script only supports Ubuntu at the moment. It does not support Fedora.
 # See http://www.cryptopp.com/wiki/ARM_Embedded_(Command_Line) for details.
 # ====================================================================
 # set -eu
 # Sanity check
 if [ "$0" = "${BASH_SOURCE[0]}" ]; then
    echo "Please source this setenv script"
    exit 0
 fi
 # Unset old options
 unset IS_CROSS_COMPILE
 unset IS_IOS
 unset IS_ANDROID
 unset IS_ARM_EMBEDDED
 if [ -z "${ARM_EMBEDDED_TOOLCHAIN-}" ]; then
    ARM_EMBEDDED_TOOLCHAIN="/usr/bin"
 fi
 if [ ! -d "$ARM_EMBEDDED_TOOLCHAIN" ]; then
    echo "ARM_EMBEDDED_TOOLCHAIN is not valid"
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Fedora
 # TOOL_PREFIX="arm-linux-gnu"
 # Ubuntu
 TOOL_PREFIX="arm-linux-gnueabi"
 export CPP="$ARM_EMBEDDED_TOOLCHAIN/$TOOL_PREFIX-cpp"
 export CC="$ARM_EMBEDDED_TOOLCHAIN/$TOOL_PREFIX-gcc"
 export CXX="$ARM_EMBEDDED_TOOLCHAIN/$TOOL_PREFIX-g++"
 export LD="$ARM_EMBEDDED_TOOLCHAIN/$TOOL_PREFIX-ld"
 export AR="$ARM_EMBEDDED_TOOLCHAIN/$TOOL_PREFIX-ar"
 export AS="$ARM_EMBEDDED_TOOLCHAIN/$TOOL_PREFIX-as"
 export RANLIB="$ARM_EMBEDDED_TOOLCHAIN/$TOOL_PREFIX-ranlib"
 # export RANLIB="$ARM_EMBEDDED_TOOLCHAIN/$TOOL_PREFIX-gcc-ranlib-4.7"
 # Test a few of the tools
 if [ ! -e "$CPP" ]; then
  echo "ERROR: CPP is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -e "$CC" ]; then
  echo "ERROR: CC is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -e "$CXX" ]; then
  echo "ERROR: CXX is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -e "$AR" ]; then
  echo "ERROR: AR is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -e "$AS" ]; then
  echo "ERROR: AS is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -e "$RANLIB" ]; then
  echo "ERROR: RANLIB is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -e "$LD" ]; then
  echo "ERROR: LD is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # The Crypto++ Makefile uses these to disable host settings like
 #   IS_LINUX or IS_DARWIN, and incorporate settings for ARM_EMBEDDED
 export IS_ARM_EMBEDDED=1
 # GNUmakefile-cross uses these to to set CXXFLAGS for ARM_EMBEDDED
 if [ -z "$ARM_EMBEDDED_SYSROOT" ]; then
  export ARM_EMBEDDED_SYSROOT="/usr/arm-linux-gnueabi"
 fi
 if [ ! -d "$ARM_EMBEDDED_SYSROOT" ]; then
  echo "ERROR: ARM_EMBEDDED_SYSROOT is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Fix C++ header paths for Ubuntu
 # ARM_EMBEDDED_TOOLCHAIN_VERSION="4.7.3"
 ARM_EMBEDDED_TOOLCHAIN_VERSION="5.4.0"
 ARM_EMBEDDED_CXX_HEADERS="$ARM_EMBEDDED_SYSROOT/include/c++/$ARM_EMBEDDED_TOOLCHAIN_VERSION"
 if [ ! -d "$ARM_EMBEDDED_CXX_HEADERS" ]; then
  echo "ERROR: ARM_EMBEDDED_CXX_HEADERS is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 if [ ! -d "$ARM_EMBEDDED_CXX_HEADERS/arm-linux-gnueabi" ]; then
  echo "ERROR: ARM_EMBEDDED_CXX_HEADERS is not valid"
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Finally, the flags...
 # export ARM_EMBEDDED_FLAGS="-march=armv7-a -mfloat-abi=softfp -mfpu=vfpv3-d16 -Wl,--fix-cortex-a8 -I$ARM_EMBEDDED_CXX_HEADERS -I$ARM_EMBEDDED_CXX_HEADERS/arm-linux-gnueabi"
 # Add additional flags below, like -mcpu=cortex-m3.
 if [ -z "$ARM_EMBEDDED_FLAGS" ]; then
  export ARM_EMBEDDED_FLAGS="-I$ARM_EMBEDDED_CXX_HEADERS -I$ARM_EMBEDDED_CXX_HEADERS/arm-linux-gnueabi"
 fi
 # And print stuff to wow the user...
 VERBOSE=1
 if [ ! -z "$VERBOSE" ] && [ "$VERBOSE" -ne 0 ]; then
  echo "CPP: $CPP"
  echo "CXX: $CXX"
  echo "AR: $AR"
  echo "LD: $LD"
  echo "RANLIB: $RANLIB"
  echo "ARM_EMBEDDED_TOOLCHAIN: $ARM_EMBEDDED_TOOLCHAIN"
  echo "ARM_EMBEDDED_CXX_HEADERS: $ARM_EMBEDDED_CXX_HEADERS"
  echo "ARM_EMBEDDED_FLAGS: $ARM_EMBEDDED_FLAGS"
  echo "ARM_EMBEDDED_SYSROOT: $ARM_EMBEDDED_SYSROOT"
 fi
 echo
 echo "*******************************************************************************"
 echo "It looks the the environment is set correctly. Your next step is build"
 echo "the library with 'make -f GNUmakefile-cross'. You can create a versioned"
 echo "shared object using 'HAS_SOLIB_VERSION=1 make -f GNUmakefile-cross'"
 echo "*******************************************************************************"
 echo
 [ "$0" = "${BASH_SOURCE[0]}" ] && exit 0 || return 0
--- a/TestScripts/setenv-ios.sh
+++ b/TestScripts/setenv-ios.sh
@ -0,0 +1,338 @@
 #!/usr/bin/env bash
 # ====================================================================
 # Sets the cross compile environment for Xcode/iOS
 # Based upon OpenSSL's setenv-ios.sh  (by TH, JW, and SM).
 #
 # Crypto++ Library is copyrighted as a compilation and (as of version 5.6.2)
 # licensed under the Boost Software License 1.0, while the individual files
 # in the compilation are all public domain.
 #
 # See http://www.cryptopp.com/wiki/iOS_(Command_Line) for more details
 # ====================================================================
 # set -eu
 # Sanity check
 if [ "$0" = "${BASH_SOURCE[0]}" ]; then
    echo "Please source this setenv script"
    exit 0
 fi
 #########################################
 #####       Clear old options       #####
 #########################################
 unset IS_CROSS_COMPILE
 unset IS_IOS
 unset IS_ANDROID
 unset IS_ARM_EMBEDDED
 unset IOS_ARCH
 unset IOS_FLAGS
 unset IOS_SYSROOT
 #########################################
 #####   User configurable options   #####
 #########################################
 # Define SETENV_VERBOSE=1 to print the configuration, including exported variables.
 SETENV_VERBOSE=1
 # For various SDKs, see https://groups.google.com/d/msg/cryptopp-users/8Z0qfwAjSbA/nKYbhTNBBgAJ
 ########################################
 #####         Command line         #####
 ########################################
 APPLE_SDK=
 IOS_ARCH=
 BACK_ARCH=
 for ARG in "$@"
 do
  CL=$(echo $ARG | tr '[A-Z]' '[a-z]')
  # i386 (simulator)
  if [ "$CL" == "i386" ]; then
    BACK_ARCH=i386
    APPLE_SDK=iPhoneSimulator
  fi
  # x86_64 (simulator)
  if [ "$CL" == "x86_64" ]; then
    BACK_ARCH=x86_64
    APPLE_SDK=iPhoneSimulator
  fi
  # ARMv5
  if [ "$CL" == "armv5" ]; then
    BACK_ARCH=armv5
    APPLE_SDK=iPhoneOS
  fi
  # ARMv6
  if [ "$CL" == "armv6" ]; then
    BACK_ARCH=armv6
    APPLE_SDK=iPhoneOS
  fi
  # ARMv7
  if [ "$CL" == "armv7" ]; then
    BACK_ARCH=armv7
    APPLE_SDK=iPhoneOS
  fi
  # ARMv7s
  if [ "$CL" == "armv7s" ]; then
    BACK_ARCH=armv7s
    APPLE_SDK=iPhoneOS
  fi
  # ARM64
  if [[ ("$CL" == "arm64" || "$CL" == "armv8" || "$CL" == "aarch64") ]]; then
    BACK_ARCH=arm64
    APPLE_SDK=iPhoneOS
  fi
  # iPhone
  if [[ ("$CL" == "iphone" || "$CL" == "iphoneos") ]]; then
    BACK_ARCH=armv7
    APPLE_SDK=iPhoneOS
  fi
  # iPhone Simulator
  if [[ ("$CL" == "simulator" || "$CL" == "iphonesimulator") ]]; then
    BACK_ARCH=i386
    APPLE_SDK=iPhoneSimulator
  fi
  # Watch
  if [[ ("$CL" == "watch" || "$CL" == "watchos" || "$CL" == "applewatch") ]]; then
    BACK_ARCH=armv7
    APPLE_SDK=WatchOS
  fi
  # Watch Simulator
  if [ "$CL" == "watchsimulator" ]; then
    BACK_ARCH=i386
    APPLE_SDK=WatchSimulator
  fi
  # Apple TV
  if [[ ("$CL" == "tv" || "$CL" == "appletv" || "$CL" == "appletvos") ]]; then
    BACK_ARCH=arm64
    APPLE_SDK=AppleTVOS
  fi
  # Apple TV Simulator
  if [[ ("$CL" == "tvsimulator" || "$CL" == "appletvsimulator") ]]; then
    BACK_ARCH=x86_64
    APPLE_SDK=AppleTVSimulator
  fi
 done
 # Defaults if not set
 if [ -z "$APPLE_SDK" ]; then
    BACK_ARCH=armv7
    APPLE_SDK=iPhoneOS
 fi
 # Defaults if not set
 if [ -z "$IOS_ARCH" ]; then
    IOS_ARCH="$BACK_ARCH"
 fi
 # Allow a user override? I think we should be doing this. The use case is:
 # move /Applications/Xcode somewhere else for a side-by-side installation.
 # These sorts of tricks are a required procedure on Apple's gear:
 # http://stackoverflow.com/questions/11651773/install-simulator-sdk-4-3-to-xcode-4-4-on-mountain-lion
 if [ -z "${XCODE_DEVELOPER-}" ]; then
  XCODE_DEVELOPER=$(xcode-select -print-path 2>/dev/null)
 fi
 if [ ! -d "$XCODE_DEVELOPER" ]; then
  echo "ERROR: unable to find XCODE_DEVELOPER directory."
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Default toolchain location
 XCODE_TOOLCHAIN="$XCODE_DEVELOPER/usr/bin"
 if [ ! -d "$XCODE_TOOLCHAIN" ]; then
  echo "ERROR: unable to find XCODE_TOOLCHAIN directory."
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # XCODE_DEVELOPER_TOP is the top of the development tools tree
 XCODE_DEVELOPER_TOP="$XCODE_DEVELOPER/Platforms/$APPLE_SDK.platform/Developer"
 if [ ! -d "$XCODE_DEVELOPER_TOP" ]; then
  echo "ERROR: unable to find XCODE_DEVELOPER_TOP directory."
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # IOS_TOOLCHAIN is the location of the actual compiler tools.
 if [ -d "$XCODE_DEVELOPER/Toolchains/XcodeDefault.xctoolchain/usr/bin/" ]; then
  IOS_TOOLCHAIN="$XCODE_DEVELOPER/Toolchains/XcodeDefault.xctoolchain/usr/bin/"
 elif [ -d "$XCODE_DEVELOPER_TOP/usr/bin/" ]; then
  IOS_TOOLCHAIN="$XCODE_DEVELOPER_TOP/usr/bin/"
 fi
 if [ -z "$IOS_TOOLCHAIN" ] || [ ! -d "$IOS_TOOLCHAIN" ]; then
  echo "ERROR: unable to find Xcode cross-compiler tools."
  [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 #
 # XCODE_SDK is the SDK name/version being used - adjust the list as appropriate.
 # For example, remove 4.3, 6.2, and 6.1 if they are not installed. We go back to
 # the 1.0 SDKs because Apple WatchOS uses low numbers, like 2.0 and 2.1.
 unset XCODE_SDK
 for i in $(seq -f "%.1f" 20.0 -0.1 1.0)
 do
    if [ -d "$XCODE_DEVELOPER/Platforms/$APPLE_SDK.platform/Developer/SDKs/$APPLE_SDK$i.sdk" ]; then
        XCODE_SDK="$APPLE_SDK$i.sdk"
          break
    fi
 done
 # Error checking
 if [ -z "$XCODE_SDK" ]; then
    echo "ERROR: unable to find a SDK."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # https://github.com/weidai11/cryptopp/issues/635
 if [ "$APPLE_SDK" == "iPhoneSimulator" ]; then
  IOS_FLAGS="$IOS_FLAGS -DCRYPTOPP_DISABLE_ASM"
 fi
 # Simulator fixup. LD fails to link dylib.
 if [ "$APPLE_SDK" == "iPhoneSimulator" ] && [ "$IOS_ARCH" == "i386" ]; then
  IOS_FLAGS="$IOS_FLAGS -miphoneos-version-min=5"
 fi
 # ARMv7s fixup. Xcode 4/iOS 6
 if [ "$IOS_ARCH" == "armv7s" ]; then
  IOS_FLAGS="$IOS_FLAGS -miphoneos-version-min=6"
 fi
 # ARM64 fixup. Xcode 5/iOS 7
 if [ "$IOS_ARCH" == "arm64" ]; then
  IOS_FLAGS="$IOS_FLAGS -miphoneos-version-min=7"
 fi
 # Yet another ARM64 fixup.
 if [ "$APPLE_SDK" == "AppleTVOS" ]; then
  IOS_FLAGS=""
 fi
 # Disable ASM for simulator. We are failing on Travis due to missing _start.
 # We may need to link against crt1.o for simulator builds. Also see
 # https://stackoverflow.com/q/24841283/608639
 # -watchos_simulator_version_min does not work though it is in LLVM sources.
 if [ "$APPLE_SDK" == "WatchSimulator" ]; then
  IOS_FLAGS="$IOS_FLAGS -DCRYPTOPP_DISABLE_ASM"
 fi
 # Disable ASM for simulator. We are failing on Travis due to missing _start.
 # We may need to link against crt1.o for simulator builds. Also see
 # https://stackoverflow.com/q/24841283/608639
 # -tvos_simulator_version_min does not work though it is in LLVM sources.
 if [ "$APPLE_SDK" == "AppleTVSimulator" ]; then
  IOS_FLAGS="$IOS_FLAGS -DCRYPTOPP_DISABLE_ASM"
 fi
 # Simulator uses i386 or x86_64, Device uses ARMv5, ARMv6, ARMv7, ARMv7s or ARMv8
 #
 # Apple deprecated ARMv5 at iOS 4.0, and ARMv6 at iOS 5.0
 # http://stackoverflow.com/questions/7488657/how-to-build-for-armv6-and-armv7-architectures-with-ios-5
 echo "Configuring for $APPLE_SDK ($IOS_ARCH)"
 # Used by the GNUmakefile-cross
 export IS_IOS=1
 export IOS_ARCH
 export IOS_FLAGS
 export IOS_SYSROOT="$XCODE_DEVELOPER_TOP/SDKs/$XCODE_SDK"
 #######################################
 #####          Verbose           #####
 #######################################
 if [ "$SETENV_VERBOSE" == "1" ]; then
  echo "XCODE_SDK:" $XCODE_SDK
  echo "XCODE_DEVELOPER: $XCODE_DEVELOPER"
  echo "XCODE_TOOLCHAIN: $XCODE_TOOLCHAIN"
  echo "XCODE_DEVELOPER_TOP: $XCODE_DEVELOPER_TOP"
  echo "IOS_ARCH: $IOS_ARCH"
  echo "IOS_TOOLCHAIN: $IOS_TOOLCHAIN"
  echo "IOS_FLAGS: ${IOS_FLAGS-}"
  echo "IOS_SYSROOT: ${IOS_SYSROOT-}"
 fi
 ########################################
 #####     Path with Toolchains     #####
 ########################################
 # Only modify/export PATH if IOS_TOOLCHAIN good
 if [ ! -z "$IOS_TOOLCHAIN" ] && [ ! -z "$XCODE_TOOLCHAIN" ]; then
    # And only modify PATH if IOS_TOOLCHAIN is not present
    TOOL_PATH="$IOS_TOOLCHAIN:$XCODE_TOOLCHAIN"
    LEN=${#TOOL_PATH}
    SUBSTR=${PATH:0:$LEN}
    if [ "$SUBSTR" != "$TOOL_PATH" ]; then
        export PATH="$TOOL_PATH":"$PATH"
    fi
 else
    echo "ERROR: unable to set new PATH."
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 ########################################
 #####        Tool Test Time        #####
 ########################################
 # Test for various tools needed during cross compilation.
 # FOUND_ALL starts high, and pushes low on failure
 FOUND_ALL=1
 # Apple's embedded g++ cannot compile integer.cpp
 TOOLS=(clang clang++ libtool ld)
 for tool in ${TOOLS[@]}
 do
    if [ ! -e "$IOS_TOOLCHAIN/$tool" ] && [ ! -e "$XCODE_TOOLCHAIN/$tool" ]; then
        echo "ERROR: unable to find $tool at IOS_TOOLCHAIN or XCODE_TOOLCHAIN"
        FOUND_ALL=0
    fi
 done
 if [ "$FOUND_ALL" -eq "0" ]; then
    [ "$0" = "${BASH_SOURCE[0]}" ] && exit 1 || return 1
 fi
 # Exports added for Autotools. GNUmakefile-cross does not use them.
 # What to do for AR=libtool and ARFLAGS?
 export CPP="$IOS_TOOLCHAIN/cpp"
 export CC="$IOS_TOOLCHAIN/clang"
 export CXX="$IOS_TOOLCHAIN/clang++"
 export LD="$IOS_TOOLCHAIN/ld"
 export AS="$IOS_TOOLCHAIN/as"
 export AR="$IOS_TOOLCHAIN/ar"
 export RANLIB="$IOS_TOOLCHAIN/ranlib"
 export STRIP="$IOS_TOOLCHAIN/strip"
 echo
 echo "*******************************************************************************"
 echo "It looks the the environment is set correctly. Your next step is build"
 echo "the library with 'make -f GNUmakefile-cross'. You can create a versioned"
 echo "shared object using 'HAS_SOLIB_VERSION=1 make -f GNUmakefile-cross'"
 echo "*******************************************************************************"
 echo
 [ "$0" = "${BASH_SOURCE[0]}" ] && exit 0 || return 0
--- a/TestScripts/setenv-travis.sh
+++ b/TestScripts/setenv-travis.sh
@ -0,0 +1,18 @@
 #/usr/bin/env bash
 # This file should be source'd when required.
 export ANDROID_HOME="$HOME/.android"
 export ANDROID_SDK="$HOME/android/sdk/"
 export ANDROID_NDK="$HOME/android/sdk/ndk-bundle"
 export ANDROID_SDK_ROOT="$ANDROID_SDK"
 export ANDROID_NDK_ROOT="$ANDROID_NDK"
 mkdir -p "$ANDROID_HOME"
 mkdir -p "$ANDROID_SDK_ROOT"
 mkdir -p "$ANDROID_NDK_ROOT"
 # https://stackoverflow.com/a/47028911/608639
 touch "$ANDROID_HOME/repositories.cfg"
 [[ "$0" = "${BASH_SOURCE[0]}" ]] && exit 0 || return 0
--- a/TestScripts/tweetnacl.sh
+++ b/TestScripts/tweetnacl.sh
@ -0,0 +1,47 @@
 #!/usr/bin/env bash
 # Written and placed in public domain by Jeffrey Walton
 #
 # This script fetches TweetNaCl from Bernstein's site, and then
 # prepares it for use in Crypto++ by applying tweetnacl.patch.
 # The script should be run from the Crypto++ root directory on a
 # Unix machine because of the use of Unix tools like wget.
 curl https://tweetnacl.cr.yp.to/20140427/tweetnacl.h > tweetnacl.h
 curl https://tweetnacl.cr.yp.to/20140427/tweetnacl.c > tweetnacl.c
 # Fix whitespace
 sed -e 's/[[:space:]]*$//' tweetnacl.h > tweetnacl.h.fixed
 mv tweetnacl.h.fixed tweetnacl.h
 sed -e 's/[[:space:]]*$//' tweetnacl.c > tweetnacl.c.fixed
 mv tweetnacl.c.fixed tweetnacl.c
 if [[ -e "TestScripts/tweetnacl.patch" ]]; then
    cp "TestScripts/tweetnacl.patch" .
 fi
 if [[ ! -e "tweetnacl.patch" ]]; then
    echo "Cannot find tweetnacl.patch. Please make sure it exists in the root directory."
 	echo "It can be created with 'diff -u tweetnacl.c tweetnacl.cpp > tweetnacl.patch'"
 	[[ "$0" = "$BASH_SOURCE" ]] && exit 0 || return 0
 fi
 # Normalize line endings
 dos2unix tweetnacl.h tweetnacl.cpp tweetnacl.patch
 # Apply patch
 patch --unified --binary -p0 < tweetnacl.patch
 mv tweetnacl.c tweetnacl.cpp
 # Place things where they belong in source control
 cp tweetnacl.sh TestScripts/
 cp tweetnacl.patch TestScripts/
 # Fix whitespace
 sed -e 's/[[:space:]]*$//' tweetnacl.h > tweetnacl.h.fixed
 mv tweetnacl.h.fixed tweetnacl.h
 sed -e 's/[[:space:]]*$//' tweetnacl.cpp > tweetnacl.cpp.fixed
 mv tweetnacl.cpp.fixed tweetnacl.cpp
 # Convert to MS DOS for source control
 unix2dos tweetnacl.h tweetnacl.cpp
--- a/TestVectors/Readme.txt
+++ b/TestVectors/Readme.txt
@ -24,7 +24,8 @@ before the Test field.
 Data Types
 ==========
-int - small integer (less than 2^32) in decimal representation
+signed int - small integer (less than 2^32) in decimal representation
 unsigned long - large integer (less than 2^64) convertible by strtoul or strtoull
 string - human readable string
 encoded string - can be one of the following
 	- quoted string: "message" means "message" without the quotes
@ -57,15 +58,18 @@ PublicElement - the public element when KeyFormat=Component
 PrivateExponent - the private exponent when KeyFormat=Component
 Message - encoded string, message to be signed or verified
 Signature - encoded string, signature to be verified or compared with
 BlockSize - encoded string, block size for vaiable block ciphers
 Plaintext - encoded string
 Ciphertext - encoded string
 Header - encoded string
 Footer - encoded string
 Secret - encoded string, used by some key derivation functions
 DerivedKey - encoded string
 DerivedLength - encoded string
 Digest - encoded string
 TruncatedSize - int, size of truncated digest in bytes
 Seek - int, seek location for random access ciphers
 Seek64 - unsigned long, seek location for random access ciphers
 (more to come here)
 Possible Tests
@ -79,7 +83,7 @@ Verify - signature/digest/MAC verification should pass
 VerifyTruncated - truncated digest/MAC verification should pass
 NotVerify - signature/digest/MAC verification should not pass
 DeterministicSign - sign message using given seed, and the resulting
-    signature should be equal to the given signature
+    signature should equal the given signature
 Encrypt - plaintext encrypts to ciphertext
 DecryptMatch - ciphertext decrypts to plaintext
 (more to come here)
--- a/TestVectors/aead.txt
+++ b/TestVectors/aead.txt
@ -0,0 +1,6 @@
 AlgorithmType: FileList
 Name: aead.txt collection
 Test: TestVectors/ccm.txt
 Test: TestVectors/eax.txt
 Test: TestVectors/gcm.txt
 Test: TestVectors/chacha20poly1305.txt
--- a/TestVectors/all.txt
+++ b/TestVectors/all.txt
@ -1,39 +1,62 @@
 AlgorithmType: FileList
 Name: all.txt collection
-Test: TestVectors/tea.txt
+Test: TestVectors/aes.txt
-Test: TestVectors/wake.txt
+Test: TestVectors/aria.txt
 Test: TestVectors/blake2b.txt
 Test: TestVectors/blake2s.txt
 Test: TestVectors/camellia.txt
-Test: TestVectors/shacal2.txt
+Test: TestVectors/ccm.txt
-Test: TestVectors/ttmac.txt
+Test: TestVectors/chacha_tls.txt
-Test: TestVectors/whrlpool.txt
+Test: TestVectors/chacha20poly1305.txt
 Test: TestVectors/chacha.txt
 Test: TestVectors/xchacha.txt
 Test: TestVectors/cham.txt
 Test: TestVectors/cmac.txt
 Test: TestVectors/dlies.txt
 Test: TestVectors/dsa.txt
 Test: TestVectors/dsa_1363.txt
 Test: TestVectors/dsa_rfc6979.txt
-#Test: TestVectors/ecdsa_rfc6979.txt
+Test: TestVectors/dsa.txt
 Test: TestVectors/eax.txt
 Test: TestVectors/esign.txt
 Test: TestVectors/gcm.txt
 Test: TestVectors/hc128.txt
 Test: TestVectors/hc256.txt
 Test: TestVectors/hight.txt
 Test: TestVectors/hkdf.txt
 Test: TestVectors/hmac.txt
 Test: TestVectors/kalyna.txt
 Test: TestVectors/keccak.txt
 Test: TestVectors/lea.txt
 Test: TestVectors/mars.txt
 Test: TestVectors/nr.txt
 Test: TestVectors/panama.txt
 Test: TestVectors/poly1305aes.txt
 Test: TestVectors/poly1305_tls.txt
 Test: TestVectors/rabbit.txt
 Test: TestVectors/rsa_oaep.txt
 Test: TestVectors/rsa_pkcs1_1_5.txt
 Test: TestVectors/rsa_pss.txt
 Test: TestVectors/rw.txt
 Test: TestVectors/seal.txt
 Test: TestVectors/sha.txt
 Test: TestVectors/keccak.txt
 Test: TestVectors/sha3_fips_202.txt
 Test: TestVectors/panama.txt
 Test: TestVectors/aes.txt
 Test: TestVectors/salsa.txt
-Test: TestVectors/chacha.txt
+Test: TestVectors/seal.txt
-#Test: TestVectors/tls_chacha.txt
+Test: TestVectors/seed.txt
-Test: TestVectors/vmac.txt
+Test: TestVectors/sha1_fips_180.txt
 Test: TestVectors/sha2_fips_180.txt
 Test: TestVectors/sha3_fips_202.txt
 Test: TestVectors/shake.txt
 Test: TestVectors/shacal2.txt
 Test: TestVectors/sha.txt
 Test: TestVectors/simeck.txt
 Test: TestVectors/simon.txt
 Test: TestVectors/siphash.txt
 Test: TestVectors/skipjack.txt
 Test: TestVectors/sm3.txt
 Test: TestVectors/sm4.txt
 Test: TestVectors/sosemanuk.txt
-Test: TestVectors/ccm.txt
+Test: TestVectors/speck.txt
-Test: TestVectors/gcm.txt
+Test: TestVectors/tea.txt
-Test: TestVectors/cmac.txt
+Test: TestVectors/threefish.txt
-Test: TestVectors/eax.txt
+Test: TestVectors/ttmac.txt
-Test: TestVectors/mars.txt
+Test: TestVectors/vmac.txt
-Test: TestVectors/blake2s.txt
+Test: TestVectors/wake.txt
-Test: TestVectors/blake2b.txt
+Test: TestVectors/whrlpool.txt
 Test: TestVectors/hkdf.txt
--- a/TestVectors/aria.txt
+++ b/TestVectors/aria.txt
@ -0,0 +1,158 @@
 AlgorithmType: SymmetricCipher
 Name: ARIA/ECB
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/ECB 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: c6ecd08e22c30abdb215cf74e2075e6e 29ccaac63448708d331b2f816c51b17d \
            9e133d1528dbf0af5787c7f3a3f5c2bf 6b6f345907a3055612ce072ff54de7d7 \
            88424da6e8ccfe8172b391be49935416 5665ba7864917000a6eeb2ecb4a698ed \
            fc7887e7f556377614ab0a282293e6d8 84dbb84206cdb16ed1754e77a1f243fd \
            086953f752cc1e46c7c794ae85537dca ec8dd721f55c93b6edfe2adea43873e8
 Test: Encrypt
 Source:     RFC 5794, The ARIA Encryption Algorithm
 Comment:    A.1, 128-Bit Key (p. 10)
 Key:        000102030405060708090a0b0c0d0e0f
 Plaintext:  00112233445566778899aabbccddeeff
 Ciphertext: d718fbd6ab644c739da95f3be6451778
 Test: Encrypt
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 2, ARIA/ECB 192-bit (p.6)
 Key:        00112233445566778899aabbccddeeff 0011223344556677
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: 8d1470625f59ebacb0e55b534b3e462b 5f23d33bff78f46c3c15911f4a21809a \
            accad80b4bda915aa9dae6bcebe06a6c 83f77fd5391acfe61de2f646b5d447ed \
            bfd5bb49b12fbb9145b227895a757b2a f1f7188734863d7b8b6ede5a5b2f06a0 \
            a233c8523d2db778fb31b0e311f32700 152f33861e9d040c83b5eb40cd88ea49 \
            975709dc629365a189f78a3ec40345fc 6a5a307a8f9a4413091e007eca5645a0
 Test: Encrypt
 Source:     RFC 5794, The ARIA Encryption Algorithm
 Comment:    A.2, 192-Bit Key (p. 11)
 Key:        000102030405060708090a0b0c0d0e0f 1011121314151617
 Plaintext:  00112233445566778899aabbccddeeff
 Ciphertext: 26449c1805dbe7aa25a468ce263a9e79
 Test: Encrypt
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 3, ARIA/ECB 256-bit (p.11)
 Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: 58a875e6044ad7fffa4f58420f7f442d 8e191016f28e79aefc01e204773280d7 \
            018e5f7a938ec30711719953bae86542 cd7ebc752474c1a5f6eaaace2a7e2946 \
            2ee7dfa5afdb84177ead95ccd4b4bb6e 1ed17b9534cff0a5fc2941429cfee2ee \
            49c7adbeb7e9d1b0d2a8531d94207959 6a27ed79f5b1dd13ecd604b07a48885a \
            3afa0627a0e4e60a3c703af292f1baa7 7b702f16c54aa74bc727ea95c7468b00
 Test: Encrypt
 Source:     RFC 5794, The ARIA Encryption Algorithm
 Comment:    A.3, 256-Bit Key (p. 11)
 Key:        000102030405060708090a0b0c0d0e0f 101112131415161718191a1b1c1d1e1f
 Plaintext:  00112233445566778899aabbccddeeff
 Ciphertext: f92bd7c79fb72e2f2b8f80c1972d24fc
 Test: Encrypt
 AlgorithmType: SymmetricCipher
 Name: ARIA/CBC
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/CBC 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: 49d61860b14909109cef0d22a9268134 fadf9fb23151e9645fba75018bdb1538 \
            b53334634bbf7d4cd4b5377033060c15 5fe3948ca75de1031e1d85619e0ad61e \
            b419a866b3c2dbfd10a4ed18b22149f7 5897f0b8668b0c1c542c687778835fb7 \
            cd46e45f85eaa7072437dd9fa6793d6f 8d4ccefc4eb1ac641ac1bd30b18c6d64 \
            c49bca137eb21c2e04da62712ca2b4f5 40c57112c38791852cfac7a5d19ed83a
 Test: Encrypt
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/CBC 192-bit (p.6)
 Key:        00112233445566778899aabbccddeeff 0011223344556677
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: afe6cf23974b533c672a826264ea785f 4e4f7f780dc7f3f1e0962b80902386d5 \
            14e9c3e77259de92dd1102ffab086c1e a52a71260db5920a83295c25320e4211 \
            47ca45d532f327b856ea947cd2196ae2 e040826548b4c891b0ed0ca6e714dbc4 \
            631998d548110d666b3d54c2a091955c 6f05beb4f62309368696c9791fc4c551 \
            564a2637f194346ec45fbca6c72a5b46 12e208d531d6c34cc5c64eac6bd0cf8c
 Test: Encrypt
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/CBC 256-bit (p.11)
 Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
 IV:         0f1e2d3c4b5a69788796a5b4c3d2e1f0
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: 523a8a806ae621f155fdd28dbc34e1ab 7b9b42432ad8b2efb96e23b13f0a6e52 \
            f36185d50ad002c5f601bee5493f118b 243ee2e313642bffc3902e7b2efd9a12 \
            fa682edd2d23c8b9c5f043c18b17c1ec 4b5867918270fbec1027c19ed6af833d \
            a5d620994668ca22f599791d292dd627 3b2959082aafb7a996167cce1eec5f0c \
            fd15f610d87e2dda9ba68ce1260ca54b 222491418374294e7909b1e8551cd8de
 Test: Encrypt
 AlgorithmType: SymmetricCipher
 Name: ARIA/CTR
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 1, ARIA/CTR 128-bit (p.3)
 Key:        00112233445566778899aabbccddeeff
 IV:         00000000000000000000000000000000
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: ac5d7de805a0bf1c57c854501af60fa1 1497e2a34519dea1569e91e5b5ccae2f \
            f3bfa1bf975f4571f48be191613546c3 911163c085f871f0e7ae5f2a085b8185 \
            1c2a3ddf20ecb8fa51901aec8ee4ba32 a35dab67bb72cd9140ad188a967ac0fb \
            bdfa94ea6cce47dcf8525ab5a814cfeb 2bb60ee2b126e2d9d847c1a9e96f9019 \
            e3e6a7fe40d3829afb73db1cc245646a ddb62d9b907baaafbe46a73dbc131d3d
 Test: Encrypt
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 2, ARIA/CTR 192-bit (p.6)
 Key:        00112233445566778899aabbccddeeff 0011223344556677
 IV:         00000000000000000000000000000000
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: 08625ca8fe569c19ba7af3760a6ed1ce f4d199263e999dde14082dbba7560b79 \
            a4c6b456b8707dce751f9854f18893df db3f4e5afa539733e6f1e70b98ba3789 \
            1f8f81e95df8efc26c7ce043504cb189 58b865e4e316cd2aa1c97f31bf23dc04 \
            6ef326b95a692a191ba0f2a41c5fe9ae 070f236ff7078e703b42666caafbdd20 \
            bad74ac4c20c0f46c7ca24c151716575 c947da16c90cfe1bf217a41cfebe7531
 Test: Encrypt
 Source:     ARIA Test Vectors PDF (05.05.2004)
 Comment:    Section 3, ARIA/CTR 256-bit (p.11)
 Key:        00112233445566778899aabbccddeeff 00112233445566778899aabbccddeeff
 IV:         00000000000000000000000000000000
 Plaintext:  11111111aaaaaaaa11111111bbbbbbbb 11111111cccccccc11111111dddddddd \
            22222222aaaaaaaa22222222bbbbbbbb 22222222cccccccc22222222dddddddd \
            33333333aaaaaaaa33333333bbbbbbbb 33333333cccccccc33333333dddddddd \
            44444444aaaaaaaa44444444bbbbbbbb 44444444cccccccc44444444dddddddd \
            55555555aaaaaaaa55555555bbbbbbbb 55555555cccccccc55555555dddddddd
 Ciphertext: 30026c329666141721178b99c0a1f1b2 f06940253f7b3089e2a30ea86aa3c88f \
            5940f05ad7ee41d71347bb7261e348f1 8360473fdf7d4e7723bffb4411cc13f6 \
            cdd89f3bc7b9c768145022c7a74f14d7 c305cd012a10f16050c23f1ae5c23f45 \
            998d13fbaa041e51619577e077276489 6a5d4516d8ffceb3bf7e05f613edd9a6 \
            0cdcedaff9cfcaf4e00d445a54334f73 ab2cad944e51d266548e61c6eb0aa1cd
 Test: Encrypt
--- a/TestVectors/chacha.txt
+++ b/TestVectors/chacha.txt
@ -1,36 +1,43 @@
 AlgorithmType: SymmetricCipher
-Name: ChaCha8
+Name: ChaCha
 Source: http://tools.ietf.org/html/draft-strombergson-chacha-test-vectors
 #
 Comment: TC1 - All zero key and IV (16-byte key).
 Key: r16 00
 IV: r8 00
 Rounds: 8
 Plaintext: r64 00
 Ciphertext: e28a5fa4a67f8c5defed3e6fb7303486aa8427d31419a729572d777953491120b64ab8e72b8deb85cd6aea7cb6089a101824beeb08814a428aab1fa2c816081b
 Test: Encrypt
 #
 Comment: TC1 - All zero key and IV (32-byte key).
 Key: r32 00
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: 3e00ef2f895f40d67f5bb8e81f09a5a12c840ec3ce9a7f3b181be188ef711a1e984ce172b9216f419f445367456d5619314a42a3da86b001387bfdb80e0cfe42
 Test: Encrypt
 #
 Comment: TC2 - Single bit in key set. All zero IV (16-byte key).
 Key: 0x01000000000000000000000000000000
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: 03a7669888605a0765e8357475e58673f94fc8161da76c2a3aa2f3caf9fe5449e0fcf38eb882656af83d430d410927d55c972ac4c92ab9da3713e19f761eaa14
 Test: Encrypt
 #
 Comment: TC2 - Single bit in key set. All zero IV (32-byte key).
 Key: 0x0100000000000000000000000000000000000000000000000000000000000000
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: cf5ee9a0494aa9613e05d5ed725b804b12f4a465ee635acc3a311de8740489ea289d04f43c7518db56eb4433e498a1238cd8464d3763ddbb9222ee3bd8fae3c8
 Test: Encrypt
 #
 Comment: TC3 - Single bit in IV set. All zero key (16-byte key).
 Key: r16 00
 IV: 0x0100000000000000
 Plaintext: r64 00
 Ciphertext: 25f5bec6683916ff44bccd12d102e692176663f4cac53e719509ca74b6b2eec85da4236fb29902012adc8f0d86c8187d25cd1c486966930d0204c4ee88a6ab35
 Test: Encrypt
 #
 Comment: TC3 - Single bit in IV set. All zero key (32-byte key).
 Key: r32 00
 IV: 0x0100000000000000
@ -39,31 +46,236 @@ Ciphertext: 2b8f4bb3798306ca5130d47c4f8d4ed13aa0edccc1be6942090faeeca0d7599b7ff0
 Test: Encrypt
 AlgorithmType: SymmetricCipher
-Name: ChaCha12
+Name: ChaCha
 Source: https://cr.yp.to/streamciphers/timings/estreambench/submissions/salsa20/chacha8/ref/chacha.c
 #
 Comment: All one's key and IV (16-byte key).
 Key: r16 ff
 IV: r8 ff
 Rounds: 8
 Plaintext: r512 00
 Ciphertext: \
    2204D5B81CE662193E00966034F91302F14A3FB047F58B6E6EF0D72113230416 \
    3E0FB640D76FF9C3B9CD99996E6E38FAD13F0E31C82244D33ABBC1B11E8BF12D \
    9A81D78E9E56604DDFAE136921F51C9D81AE15119DB8E756DD28024493EE571D \
    363AE4BBCD6E7D300F99D2673AEB92CCFC6E43A38DC31BACD66B28F17B22B28A \
    B9A347AC756CF16B39683DFE4907D76E9318C53E3B892B4C4D477E3649A412DF \
    641722732D6B4B4E73541FEEA26F36163B860A6FFEFF2BD736DCB9E40BB49DFB \
    18E5060462F7EC41EF61C8EAED8F68987F4BBA84FF37DF645677AA26D59D1608 \
    201932E2F91565FC50BCCAE19370BEA3F4F6C9B40C69E1E7EF4993FB5C543246 \
    8AD37BDFA57F8C0A27AFABA186B20E08D08009C9AAAEC5BE1DB6A5FFD0F6D122 \
    F000015BB76329B170CBE114A17C0CBC8A721C3075EEDF5F131944F3BEA2E84C \
    009BF03FC47FAD2A7BA01573FA67FE859AD950A3E40190AA2FA3834D2FB604E0 \
    51F919D4C93CBC6272156BE543785691F698304071BA0D8722CD2694F711E4A2 \
    6E511837F4C46CDF9EB2A4573E2FBFF7F4320ACCD35DD64F9B2A40C7F017B971 \
    0CD9BC404FD17DC6E474B7EBFE03F5526409160760FB7915DACED8358B8B78C4 \
    FA9F0C53D408593CBE63FB1C86D34ACF2B412CD114A542A09BA915D091125542 \
    A72DBCA31889D0FC5CCC5F07FA227694100EE57E97C6C2B601273AA438F72693
 Test: Encrypt
 #
 Comment: All one's key and IV (32-byte key).
 Key: r32 ff
 IV: r8 ff
 Rounds: 8
 Plaintext: r512 00
 Ciphertext: \
    E163BBF8C9A739D18925EE8362DAD2CDC973DF05225AFB2AA26396F2A9849A4A \
    445E0547D31C1623C537DF4BA85C70A9884A35BCBF3DFAB077E98B0F68135F54 \
    81D4933F8B322AC0CD762C27235CE2B31534E0244A9A2F1FD5E94498D47FF108 \
    790C009CF9E1A348032A7694CB28024CD96D3498361EDB1785AF752D187AB54B \
    4194B9407D743285217760B19D0548294855D4C1620CDFF381657E106CA539E3 \
    E41CC0EAAFCB1C502BCE537275567F72CAE2C076B7DE295233132517E140ECF1 \
    B7B4F9DE5E87123D72AE0FA8672BBE5B73C5382DDD779A963C91E40B6B9EAF39 \
    F53B3982D9E4AC76DFAC3D5070373CF9E54036C9F0E9DBB327371D2E69308699 \
    8991D340F91458804B2445641E24189956674BAEC8120AC451F9BDDD14B65E99 \
    2C526CABF185EA53FD0ABD2DB88DE9FE88E19D3F26DC6BA4B9014924064D15E6 \
    7901B9BF0F4EB76C3E06BE3D1CA73289FF819A9DBF456F73686C5CF9207510F3 \
    7D95A24249E11E779D301237AF5A2BD3E6F34D7123811E26BB016C73D54A6D39 \
    8B4E9BBCD2EE4C31CBD3326148004684F27847CEAC28C341A894A670A0818324 \
    446468D08CA1C72BCBD1CE7EFD73D67D53C671C35EA57700D8B581E52E238A7E \
    25DDA3E1C1E35D96BDB9CAD13546971B1E5FDB2E83216FEF93E5457DE48A5ED8 \
    1F7E4B95484834A58B6AF8CCE9545BBBDC58929A1DEB2F6AEBF0DC2079F644E3
 Test: Encrypt
 #
 Comment: All one's key and IV (16-byte key).
 Key: r16 ff
 IV: r8 ff
 Rounds: 8
 Seek: 32
 Plaintext: r64 00
 Ciphertext: \
    3E0FB640D76FF9C3B9CD99996E6E38FAD13F0E31C82244D33ABBC1B11E8BF12D \
    9A81D78E9E56604DDFAE136921F51C9D81AE15119DB8E756DD28024493EE571D
 Test: Encrypt
 #
 Comment: All one's key and IV (32-byte key).
 Key: r32 ff
 IV: r8 ff
 Rounds: 8
 Seek: 32
 Plaintext: r64 00
 Ciphertext: \
    445E0547D31C1623C537DF4BA85C70A9884A35BCBF3DFAB077E98B0F68135F54 \
    81D4933F8B322AC0CD762C27235CE2B31534E0244A9A2F1FD5E94498D47FF108
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xfffffffe*64)
 Key: r32 00
 IV: r8 00
 Rounds: 8
 Seek64: 0x3FFFFFFF80
 Plaintext: r1024 00
 Ciphertext: \
    AC22DD35E273D76E47D60D19AD753F578C38D4A8E28BA9F6055E8E0A1D7A6E53 \
    CDC46EDD57430E0EB14CF19CC107EE6DFF4836500383CD683CA2E8F11BA754DD \
    34A2B737751D19ECE0256B2BB87237F68188C02B10A6DC31939D4E5D319BD3BB \
    EE280B968AD567C1F103089F4F7346D1FEA5DEC60DAF906C3C4E889BC49E0049 \
    1CCC59A06308E05BE9D29E7288F166C58F2EE06003047710CBFDB7359DA916E8 \
    43980F2C3BF39DF2A3E1F451BA18C37F986FF783075484265819602305557DCD \
    B7BD167BDFD87E6E4DF89B2F110C9022F16325E2EC113E806A50774673CDB6AF \
    B5BD48D1E66C7631EDB52D0941452DDBD67BC790A20CFE24213194AE75B2EE47 \
    FE3B0698DD4E8DFA56E1841BC6F549097583143CB3A0D791C230D9C438EADCC9 \
    F233969591EDF6EA904FF86C7A541AFE0905D18E62867028E15AEC0B2CD46BF1 \
    E939F5026DD82A60AA06B99A3726EA6D76C2D48DDB8B1DCB365249859EDDC8C0 \
    CF23BDB1CA6203201206BDDC4844A36D52A10828D0AB77CAACAF7FA680E4ED5D \
    5D325C265A49436A691A54BC3D068A80D33187B17FBC4923879760C34DFFDA8F \
    BDBEF388A3B86E839E2A83DED9FE816238EEE22B2120BC39D7B26D3ECE4D5FA3 \
    8B6808FC587DF4D1E0C579FC6DBF10A0CF4C6696CD5501336EC05C45927565CB \
    9CB7626BF510D1EAAD21B208E76D55C15CBDCD36F4CA84A6939DE0C29539DE25 \
    E8D17BC489CB723682BE518CC695B127922C88BF8DC99245DBC146512735687F \
    079F458CDA31CAA064A3D5AD1020A849B4A587BC60BDDCAEE9517936D30FF11E \
    362D524675648DA360224DF3719D6AD569AF9E6B309119E3262FD3189891A140 \
    971350EB320109802A664216635F400A1086F8197841457126E2AF7A8AA46924 \
    FDD717270BB3A0C4F1723C507B143830E80D691300A1B477E4383D975BCAC73A \
    0C33BE5330C83247E330184F7C5E613227FD321A29AC50B75B93FC0B8FD51184 \
    648F3305432FC0177C319508D1025C1331EF78ED56D3405DF70980C07756F4F3 \
    686B0B0F110BCE4F9CD07463964B67AD7CFC05A6182A3B88F5E7C408C3A4E4E0 \
    1B446212735D2F31F53EE1DEEDEBDD353534CF69179DBB87E1C689C3C688CF6C \
    C94217963B796CC7CC47C37027B909C9E2C88D55458B838A87953CD0974CE348 \
    651E6126416AE7A81C855B1C856F542D76F9252D3EE78AE37C9B6C576E72E2C2 \
    71AD7542F22C2B106E3FAFB399864AB1F8B8263CA8D3311951AD0F4463964B68 \
    1E96FEBD06E4857986E7146981484DC6DF3692397B68CF953876FD1C2F6E5A80 \
    1FBD636D2912A833EA9024450A3ED43ED5D5298BB451578FB279B5ACBE47E35F \
    0B1D1094DCEA8272DF55897BEE2440B6B90D0B15F259D0BD2B402D434FFFF2E6 \
    79DA0921D748D31B963618DE2D8036D9F54F75BC61A26A9DA0F10E81E075CF5C
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xffffffff*64)
 Key: r32 00
 IV: r8 00
 Rounds: 8
 Seek64: 0x3FFFFFFFC0
 Plaintext: r1024 00
 Ciphertext: \
    34A2B737751D19ECE0256B2BB87237F68188C02B10A6DC31939D4E5D319BD3BB \
    EE280B968AD567C1F103089F4F7346D1FEA5DEC60DAF906C3C4E889BC49E0049 \
    1CCC59A06308E05BE9D29E7288F166C58F2EE06003047710CBFDB7359DA916E8 \
    43980F2C3BF39DF2A3E1F451BA18C37F986FF783075484265819602305557DCD \
    B7BD167BDFD87E6E4DF89B2F110C9022F16325E2EC113E806A50774673CDB6AF \
    B5BD48D1E66C7631EDB52D0941452DDBD67BC790A20CFE24213194AE75B2EE47 \
    FE3B0698DD4E8DFA56E1841BC6F549097583143CB3A0D791C230D9C438EADCC9 \
    F233969591EDF6EA904FF86C7A541AFE0905D18E62867028E15AEC0B2CD46BF1 \
    E939F5026DD82A60AA06B99A3726EA6D76C2D48DDB8B1DCB365249859EDDC8C0 \
    CF23BDB1CA6203201206BDDC4844A36D52A10828D0AB77CAACAF7FA680E4ED5D \
    5D325C265A49436A691A54BC3D068A80D33187B17FBC4923879760C34DFFDA8F \
    BDBEF388A3B86E839E2A83DED9FE816238EEE22B2120BC39D7B26D3ECE4D5FA3 \
    8B6808FC587DF4D1E0C579FC6DBF10A0CF4C6696CD5501336EC05C45927565CB \
    9CB7626BF510D1EAAD21B208E76D55C15CBDCD36F4CA84A6939DE0C29539DE25 \
    E8D17BC489CB723682BE518CC695B127922C88BF8DC99245DBC146512735687F \
    079F458CDA31CAA064A3D5AD1020A849B4A587BC60BDDCAEE9517936D30FF11E \
    362D524675648DA360224DF3719D6AD569AF9E6B309119E3262FD3189891A140 \
    971350EB320109802A664216635F400A1086F8197841457126E2AF7A8AA46924 \
    FDD717270BB3A0C4F1723C507B143830E80D691300A1B477E4383D975BCAC73A \
    0C33BE5330C83247E330184F7C5E613227FD321A29AC50B75B93FC0B8FD51184 \
    648F3305432FC0177C319508D1025C1331EF78ED56D3405DF70980C07756F4F3 \
    686B0B0F110BCE4F9CD07463964B67AD7CFC05A6182A3B88F5E7C408C3A4E4E0 \
    1B446212735D2F31F53EE1DEEDEBDD353534CF69179DBB87E1C689C3C688CF6C \
    C94217963B796CC7CC47C37027B909C9E2C88D55458B838A87953CD0974CE348 \
    651E6126416AE7A81C855B1C856F542D76F9252D3EE78AE37C9B6C576E72E2C2 \
    71AD7542F22C2B106E3FAFB399864AB1F8B8263CA8D3311951AD0F4463964B68 \
    1E96FEBD06E4857986E7146981484DC6DF3692397B68CF953876FD1C2F6E5A80 \
    1FBD636D2912A833EA9024450A3ED43ED5D5298BB451578FB279B5ACBE47E35F \
    0B1D1094DCEA8272DF55897BEE2440B6B90D0B15F259D0BD2B402D434FFFF2E6 \
    79DA0921D748D31B963618DE2D8036D9F54F75BC61A26A9DA0F10E81E075CF5C \
    BEDB7A4CB8F33DDC71A836FE332D8DB08CF2833FD582E786CA57B1F5599B0FA8 \
    887E279E3863471FA282308B542EDE7741069929FF92B7A12884C074C1FEC48F
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xfffffffc*64)
 Key: r32 00
 IV: r8 00
 Rounds: 8
 Seek64: 0x3FFFFFFF00
 Plaintext: r1024 00
 Ciphertext: \
    F75FC0AFC5A56D8F38FDFDD96233B42F926F5A21007D3412C7A28FEEED2B5401 \
    07BCC1A5F8AE49260A63E2A5A7F547A56B4807DDCD63BAF082A40F57B3A36A6D \
    B7B5E36ACFB9D060F2830903343264C1C3EC582110898C2650B559EE29B7411E \
    87EE094887D1D8188563FF64F0755F1361381A6A1EF22D6B8732B2C9B7DE669D \
    AC22DD35E273D76E47D60D19AD753F578C38D4A8E28BA9F6055E8E0A1D7A6E53 \
    CDC46EDD57430E0EB14CF19CC107EE6DFF4836500383CD683CA2E8F11BA754DD \
    34A2B737751D19ECE0256B2BB87237F68188C02B10A6DC31939D4E5D319BD3BB \
    EE280B968AD567C1F103089F4F7346D1FEA5DEC60DAF906C3C4E889BC49E0049 \
    1CCC59A06308E05BE9D29E7288F166C58F2EE06003047710CBFDB7359DA916E8 \
    43980F2C3BF39DF2A3E1F451BA18C37F986FF783075484265819602305557DCD \
    B7BD167BDFD87E6E4DF89B2F110C9022F16325E2EC113E806A50774673CDB6AF \
    B5BD48D1E66C7631EDB52D0941452DDBD67BC790A20CFE24213194AE75B2EE47 \
    FE3B0698DD4E8DFA56E1841BC6F549097583143CB3A0D791C230D9C438EADCC9 \
    F233969591EDF6EA904FF86C7A541AFE0905D18E62867028E15AEC0B2CD46BF1 \
    E939F5026DD82A60AA06B99A3726EA6D76C2D48DDB8B1DCB365249859EDDC8C0 \
    CF23BDB1CA6203201206BDDC4844A36D52A10828D0AB77CAACAF7FA680E4ED5D \
    5D325C265A49436A691A54BC3D068A80D33187B17FBC4923879760C34DFFDA8F \
    BDBEF388A3B86E839E2A83DED9FE816238EEE22B2120BC39D7B26D3ECE4D5FA3 \
    8B6808FC587DF4D1E0C579FC6DBF10A0CF4C6696CD5501336EC05C45927565CB \
    9CB7626BF510D1EAAD21B208E76D55C15CBDCD36F4CA84A6939DE0C29539DE25 \
    E8D17BC489CB723682BE518CC695B127922C88BF8DC99245DBC146512735687F \
    079F458CDA31CAA064A3D5AD1020A849B4A587BC60BDDCAEE9517936D30FF11E \
    362D524675648DA360224DF3719D6AD569AF9E6B309119E3262FD3189891A140 \
    971350EB320109802A664216635F400A1086F8197841457126E2AF7A8AA46924 \
    FDD717270BB3A0C4F1723C507B143830E80D691300A1B477E4383D975BCAC73A \
    0C33BE5330C83247E330184F7C5E613227FD321A29AC50B75B93FC0B8FD51184 \
    648F3305432FC0177C319508D1025C1331EF78ED56D3405DF70980C07756F4F3 \
    686B0B0F110BCE4F9CD07463964B67AD7CFC05A6182A3B88F5E7C408C3A4E4E0 \
    1B446212735D2F31F53EE1DEEDEBDD353534CF69179DBB87E1C689C3C688CF6C \
    C94217963B796CC7CC47C37027B909C9E2C88D55458B838A87953CD0974CE348 \
    651E6126416AE7A81C855B1C856F542D76F9252D3EE78AE37C9B6C576E72E2C2 \
    71AD7542F22C2B106E3FAFB399864AB1F8B8263CA8D3311951AD0F4463964B68
 Test: Encrypt
 #################################################
 AlgorithmType: SymmetricCipher
 Name: ChaCha
 Source: http://tools.ietf.org/html/draft-strombergson-chacha-test-vectors
 #
 Comment: TC1 - All zero key and IV (16-byte key).
 Key: r16 00
 IV: r8 00
 Rounds: 12
 Plaintext: r64 00
 Ciphertext: e1047ba9476bf8ff312c01b4345a7d8ca5792b0ad467313f1dc412b5fdce32410dea8b68bd774c36a920f092a04d3f95274fbeff97bc8491fcef37f85970b450
 Test: Encrypt
 #
 Comment: TC1 - All zero key and IV (32-byte key).
 Key: r32 00
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: 9bf49a6a0755f953811fce125f2683d50429c3bb49e074147e0089a52eae155f0564f879d27ae3c02ce82834acfa8c793a629f2ca0de6919610be82f411326be
 Test: Encrypt
 #
 Comment: TC2 - Single bit in key set. All zero IV (16-byte key).
 Key: 0x01000000000000000000000000000000
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: 2a865a3b8999fa83ae8aacf33fc6be4f32c8aa9762738d26963270052f4eef8b86af758f7867560af6d0eeb973b5542bb24c8abceac8b1f36d026963d6c8a9b2
 Test: Encrypt
 #
 Comment: TC2 - Single bit in key set. All zero IV (32-byte key).
 Key: 0x0100000000000000000000000000000000000000000000000000000000000000
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: 12056e595d56b0f6eef090f0cd25a20949248c2790525d0f930218ff0b4ddd10a6002239d9a454e29e107a7d06fefdfef0210feba044f9f29b1772c960dc29c0
 #
 Test: Encrypt
 Comment: TC3 - Single bit in IV set. All zero key (16-byte key).
 Key: r16 00
@ -71,6 +283,7 @@ IV: 0x0100000000000000
 Plaintext: r64 00
 Ciphertext: 91cdb2f180bc89cfe86b8b6871cd6b3af61abf6eba01635db619c40a0b2e19edfa8ce5a9bd7f53cc2c9bcfea181e9754a9e245731f658cc282c2ae1cab1ae02c
 Test: Encrypt
 #
 Comment: TC3 - Single bit in IV set. All zero key (32-byte key).
 Key: r32 00
 IV: 0x0100000000000000
@ -79,38 +292,244 @@ Ciphertext: 64b8bdf87b828c4b6dbaf7ef698de03df8b33f635714418f9836ade59be1296946c9
 Test: Encrypt
 AlgorithmType: SymmetricCipher
-Name: ChaCha20
+Name: ChaCha
 Source: https://cr.yp.to/streamciphers/timings/estreambench/submissions/salsa20/chacha8/ref/chacha.c
 #
 Comment: All one's key and IV (16-byte key).
 Key: r16 ff
 IV: r8 ff
 Rounds: 12
 Plaintext: r512 00
 Ciphertext: \
    60E349E60C38B328C4BAAB90D44A7C727662770D36350D65A1433BD92B00ECF4 \
    83D5597D7A616258EC3C5D5B30E1C5C85C5DFE2F92423B8E36870F3185B6ADD9 \
    F34DAB6C2BC551898FBDCDFC783F09171CC8B59A8B2852983C3A9B91D29B5761 \
    12464A9D8E050263E989906F42C7EFCAC8A70A85BB7FF2211273FBD4CAD96142 \
    DB89BA6820D565E1DBA19B70DD2CEB8A9ECA55CA48B92B1B27D4676BE4985508 \
    9AA6202B811799D95EA5A239C39861D7E4B56E0847C2CCF8FAAA3768268F80D6 \
    87E6DA5D95C303A3A29D2AB10B392F223F426A1E5400D272083DE05B7BEAB22C \
    46C667513885DE4EAB9A18660D1247ECFAC6EE049180A4E780158A29D4914F0C \
    B87860D4C30C5F2BFADA2615D09907F7059BD6EA7278BAD8CAF57145B6C431CE \
    E4EB781A9ADDB1CBDB0ADED70CDA2F195FF311888C9A23409A00529B654332BB \
    0E566990895D96E264D56438619F515E29E023D0C434D56142A1916ED6529476 \
    7DA1D97911C069FCBF711AA8682A9EA19A41F400BCDF6D9ABFDC518063F5F75D \
    0060D6F03B9B78577B89C577643E69590518CEEA869665458E027EA27D002767 \
    C22241E8E12C421623B86C667341E0C2E7E3F2FDCC058C26F9A64626CEDFDE08 \
    35F6A77CF8BF99FB7ABCD3874366E3B8FDAEDF83B58701C08B1F39027A913868 \
    CF84F5C9001701A6ACE8C05C05578E47CA7691F9058C8B7298B756B900BC535A
 Test: Encrypt
 #
 Comment: All one's key and IV (32-byte key).
 Key: r32 ff
 IV: r8 ff
 Rounds: 12
 Plaintext: r512 00
 Ciphertext: \
    04BF88DAE8E47A228FA47B7E6379434BA664A7D28F4DAB84E5F8B464ADD20C3A \
    CAA69C5AB221A23A57EB5F345C96F4D1322D0A2FF7A9CD43401CD536639A615A \
    5C9429B55CA3C1B55354559669A154ACA46CD761C41AB8ACE385363B95675F06 \
    8E18DB5A673C11291BD4187892A9A3A33514F3712B26C13026103298ED76BC9A \
    19E1C370231E9F3351C2E71C5D0635D8E9908EBEBFBAA1F493C1ACCD015F7D50 \
    4582C1B3D52449D7A707F5D136BF83E019643902FE052AD8577A037343E128F4 \
    3514FED8B5B612EBDF26851DE269E2E2398358383CD0067864BFB4E835613E2F \
    AA2B4759C7A615614176A133F6F30D063A64A8274A558773E537DCC0753A1208 \
    9C90E1574D00E2E444EFC18F1CCFA8EC328163A909C45DFCDB1B92049B2D01D5 \
    DEC0F6F102EB3E63B724B7B0ACD038962CA2A153E6B4756BFBB870D20D30C970 \
    1EC3FA344E26B02D4CE834630D2A1889DF42F07D48EA08609FAC95DF29BAEF9B \
    89BC66265947A35085F7C19BF30CA6019E48A736FDBB1E49236B3538F2F9FE98 \
    2882B0524FD01F213F016326ADCD8503DCD928EFC1A02F824B9E9D998CD73EF2 \
    5D52E6E6BB2FF8B0284C7565E26868EFD6C1A86DAD733417FB80606EB5BB3A9F \
    5E16F52D6857A1A602A7FC6DDD578CA868F1E51AADD3209034A4740036DE08A7 \
    A906067C997F01E4E334CBA913407C7A462A968B272834D2D66DF24922F4302C
 Test: Encrypt
 #
 Comment: All one's key and IV (16-byte key).
 Key: r16 ff
 IV: r8 ff
 Rounds: 12
 Seek: 32
 Plaintext: r64 00
 Ciphertext: \
    83D5597D7A616258EC3C5D5B30E1C5C85C5DFE2F92423B8E36870F3185B6ADD9 \
    F34DAB6C2BC551898FBDCDFC783F09171CC8B59A8B2852983C3A9B91D29B5761
 Test: Encrypt
 #
 Comment: All one's key and IV (32-byte key).
 Key: r32 ff
 IV: r8 ff
 Rounds: 12
 Seek: 32
 Plaintext: r64 00
 Ciphertext: \
    CAA69C5AB221A23A57EB5F345C96F4D1322D0A2FF7A9CD43401CD536639A615A \
    5C9429B55CA3C1B55354559669A154ACA46CD761C41AB8ACE385363B95675F06
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xffffffff*64)
 Key: r32 00
 IV: r8 00
 Rounds: 12
 Seek64: 0x3FFFFFFFC0
 Plaintext: r1024 00
 Ciphertext: \
    D7A6AF50F1C92A29484252BBFCE206F17D01DD139530A3830AB583C1F62E0312 \
    829361A19A8A956CEDEA380430FF932CD052DB5E9477835058B80A272406FC74 \
    CC7B53DC11894D26240581B8A8F4F4E5AF406705801223B13F821FDCCBA6A618 \
    8A63F8D3DC83CCBCED451F4BA4E0DAAB228ABB0D7439CC67E50DF7129F646BAD \
    A0F5387AF3FAEC30DC25783285275137394EB539AF19DDC286C20DDFD252F85A \
    5D1B9D76F6A4F4C97A49275C18DC040B77432865988C49D2EC9C4366BE926481 \
    7F146661C007B7558ABB6C0B5EE94F722913A34AB3AB248031B5929DA1CDE7E3 \
    B33DBF441151CD1770073C28D794351A4C42E6DC3B418ED7118BF314CF26AB99 \
    E855F6C00854E00D63BFD389EDEA3D557C5016EEF3DFC00D8FF1FE76566AC486 \
    51AF4F61CEE3290B007BE9ADF56C3DD30CD4403C78C5AF2603C60F8CC4DC625B \
    44A2EB21492D383DF430D07E77DCEE44BA9DD8E806C7170D4AE3AD93586AD6A2 \
    FD12501335D0AB7CE42675A0F3D129D25250537E544569EA4D659B052207AEEF \
    F458FB1C81B45276B5A7A9BD1FA682FA4CBA0B9284291F11FBBAA363E7F4D1B6 \
    9F6BB7FB3D7BBCF4E4C8F5722FE26DD5DE12E9A2722C71A075EBD5AE3BEDF296 \
    1CD31D059EDB1E58DE97C9BD64A8C06F91F2699C47B950B3E4742E5423D6FA12 \
    0F085C504E4A89F82C5ECAA2459C9F54057DEEE5CD201BF5B96BF1F7CC0A246C \
    01EC149DCC8A5A59FCC7B38CE4EA15692CB65587D584414A8BC7EC9A982E92ED \
    9275377792A06C5B8E594FFEFC630BA11209AEF8763531255E522B078CC8B4EC \
    74BD3AFA9BC4A6C39B3B7A00A706BDD8FC24E97335BB22270BECDDB3E3580812 \
    A414586C361D58A9F63836B3D458F2AC43A6099C4031F185E5FA7ACF6946D47A \
    47CBA42630D0F39B741FBE29E105DF2DF833B790DE6E825DBF38123DE2C44521 \
    A555300EA7FF7949DD19B09FFE192C109A3C132337B6ED69C50F552D658AB83C \
    5A6966CAA246168FF5443B305CF53E1B601C44C7D402BEDB8BFFB066C9EC3B1B \
    D886235BDFD5CD426323CCDF8E48A1EC39BCF51081683E54E68E7C680CA026DA \
    7DC1AD922D2B8B28A815974A7D25FA363AF164A3359F88324E547EF36BE98247 \
    E4A4698CAF902D5926EE148D0ED957AB34FE1BFAA82791B7BEB42E358611DF0F \
    95FDA7D00918DC1CFA14AD34139DE2C14DB762F54BB5A475891C33BF4259B8CF \
    DE0D19DA0CA374F40A48E32685C94795E085813D3DD3771C5B3B1EDF242897E5 \
    DA6044325924559C49CC1F88957CEBB2E935772A831578604C898968F331B8D3 \
    8B9CDE84C404515402C6A1D5E68C4115D86A571E1DD983CD56E8BF78A3C3C870 \
    55674CAF12B50AD4A318899C62F0E549D24EB2FC2D63A57B1B9FA5474B7627A7 \
    0DA5BD3D1899134E5546AF682E97517DD9C4FE5374C640DFCC134C5A4762FB1E
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xfffffffe*64)
 Key: r32 00
 IV: r8 00
 Rounds: 12
 Seek64: 0x3FFFFFFF80
 Plaintext: r1024 00
 Ciphertext: \
    0502A68D6D5350892D5EE33F1286AEA1897CE4EF1DFE002C49C3D27A497994EB \
    7DBE6CA85D5E0C80814D4BA29D57FA8AF838DCC5CD3E62D0D62331D8DAB0B50F \
    D7A6AF50F1C92A29484252BBFCE206F17D01DD139530A3830AB583C1F62E0312 \
    829361A19A8A956CEDEA380430FF932CD052DB5E9477835058B80A272406FC74 \
    CC7B53DC11894D26240581B8A8F4F4E5AF406705801223B13F821FDCCBA6A618 \
    8A63F8D3DC83CCBCED451F4BA4E0DAAB228ABB0D7439CC67E50DF7129F646BAD \
    A0F5387AF3FAEC30DC25783285275137394EB539AF19DDC286C20DDFD252F85A \
    5D1B9D76F6A4F4C97A49275C18DC040B77432865988C49D2EC9C4366BE926481 \
    7F146661C007B7558ABB6C0B5EE94F722913A34AB3AB248031B5929DA1CDE7E3 \
    B33DBF441151CD1770073C28D794351A4C42E6DC3B418ED7118BF314CF26AB99 \
    E855F6C00854E00D63BFD389EDEA3D557C5016EEF3DFC00D8FF1FE76566AC486 \
    51AF4F61CEE3290B007BE9ADF56C3DD30CD4403C78C5AF2603C60F8CC4DC625B \
    44A2EB21492D383DF430D07E77DCEE44BA9DD8E806C7170D4AE3AD93586AD6A2 \
    FD12501335D0AB7CE42675A0F3D129D25250537E544569EA4D659B052207AEEF \
    F458FB1C81B45276B5A7A9BD1FA682FA4CBA0B9284291F11FBBAA363E7F4D1B6 \
    9F6BB7FB3D7BBCF4E4C8F5722FE26DD5DE12E9A2722C71A075EBD5AE3BEDF296 \
    1CD31D059EDB1E58DE97C9BD64A8C06F91F2699C47B950B3E4742E5423D6FA12 \
    0F085C504E4A89F82C5ECAA2459C9F54057DEEE5CD201BF5B96BF1F7CC0A246C \
    01EC149DCC8A5A59FCC7B38CE4EA15692CB65587D584414A8BC7EC9A982E92ED \
    9275377792A06C5B8E594FFEFC630BA11209AEF8763531255E522B078CC8B4EC \
    74BD3AFA9BC4A6C39B3B7A00A706BDD8FC24E97335BB22270BECDDB3E3580812 \
    A414586C361D58A9F63836B3D458F2AC43A6099C4031F185E5FA7ACF6946D47A \
    47CBA42630D0F39B741FBE29E105DF2DF833B790DE6E825DBF38123DE2C44521 \
    A555300EA7FF7949DD19B09FFE192C109A3C132337B6ED69C50F552D658AB83C \
    5A6966CAA246168FF5443B305CF53E1B601C44C7D402BEDB8BFFB066C9EC3B1B \
    D886235BDFD5CD426323CCDF8E48A1EC39BCF51081683E54E68E7C680CA026DA \
    7DC1AD922D2B8B28A815974A7D25FA363AF164A3359F88324E547EF36BE98247 \
    E4A4698CAF902D5926EE148D0ED957AB34FE1BFAA82791B7BEB42E358611DF0F \
    95FDA7D00918DC1CFA14AD34139DE2C14DB762F54BB5A475891C33BF4259B8CF \
    DE0D19DA0CA374F40A48E32685C94795E085813D3DD3771C5B3B1EDF242897E5 \
    DA6044325924559C49CC1F88957CEBB2E935772A831578604C898968F331B8D3 \
    8B9CDE84C404515402C6A1D5E68C4115D86A571E1DD983CD56E8BF78A3C3C870
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xfffffffc*64)
 Key: r32 00
 IV: r8 00
 Rounds: 12
 Seek64: 0x3FFFFFFF00
 Plaintext: r1024 00
 Ciphertext: \
    5892C27AFFC04BFF6D877D6958F973D7918E9423C8E92696658A8D47B7231F8E \
    FEEC34D15E07621D51EE87D4FB3368483B3722B0CED3580C792C3988F781AF0D \
    3460198B28EAB8115D4E75F4AD994CE2619B7942CFF8F862D77655A80F539097 \
    4DB43CC4CFC895FECAD6465E81AF7174140D9D4F54A288A343EB1321207D4ADD \
    0502A68D6D5350892D5EE33F1286AEA1897CE4EF1DFE002C49C3D27A497994EB \
    7DBE6CA85D5E0C80814D4BA29D57FA8AF838DCC5CD3E62D0D62331D8DAB0B50F \
    D7A6AF50F1C92A29484252BBFCE206F17D01DD139530A3830AB583C1F62E0312 \
    829361A19A8A956CEDEA380430FF932CD052DB5E9477835058B80A272406FC74 \
    CC7B53DC11894D26240581B8A8F4F4E5AF406705801223B13F821FDCCBA6A618 \
    8A63F8D3DC83CCBCED451F4BA4E0DAAB228ABB0D7439CC67E50DF7129F646BAD \
    A0F5387AF3FAEC30DC25783285275137394EB539AF19DDC286C20DDFD252F85A \
    5D1B9D76F6A4F4C97A49275C18DC040B77432865988C49D2EC9C4366BE926481 \
    7F146661C007B7558ABB6C0B5EE94F722913A34AB3AB248031B5929DA1CDE7E3 \
    B33DBF441151CD1770073C28D794351A4C42E6DC3B418ED7118BF314CF26AB99 \
    E855F6C00854E00D63BFD389EDEA3D557C5016EEF3DFC00D8FF1FE76566AC486 \
    51AF4F61CEE3290B007BE9ADF56C3DD30CD4403C78C5AF2603C60F8CC4DC625B \
    44A2EB21492D383DF430D07E77DCEE44BA9DD8E806C7170D4AE3AD93586AD6A2 \
    FD12501335D0AB7CE42675A0F3D129D25250537E544569EA4D659B052207AEEF \
    F458FB1C81B45276B5A7A9BD1FA682FA4CBA0B9284291F11FBBAA363E7F4D1B6 \
    9F6BB7FB3D7BBCF4E4C8F5722FE26DD5DE12E9A2722C71A075EBD5AE3BEDF296 \
    1CD31D059EDB1E58DE97C9BD64A8C06F91F2699C47B950B3E4742E5423D6FA12 \
    0F085C504E4A89F82C5ECAA2459C9F54057DEEE5CD201BF5B96BF1F7CC0A246C \
    01EC149DCC8A5A59FCC7B38CE4EA15692CB65587D584414A8BC7EC9A982E92ED \
    9275377792A06C5B8E594FFEFC630BA11209AEF8763531255E522B078CC8B4EC \
    74BD3AFA9BC4A6C39B3B7A00A706BDD8FC24E97335BB22270BECDDB3E3580812 \
    A414586C361D58A9F63836B3D458F2AC43A6099C4031F185E5FA7ACF6946D47A \
    47CBA42630D0F39B741FBE29E105DF2DF833B790DE6E825DBF38123DE2C44521 \
    A555300EA7FF7949DD19B09FFE192C109A3C132337B6ED69C50F552D658AB83C \
    5A6966CAA246168FF5443B305CF53E1B601C44C7D402BEDB8BFFB066C9EC3B1B \
    D886235BDFD5CD426323CCDF8E48A1EC39BCF51081683E54E68E7C680CA026DA \
    7DC1AD922D2B8B28A815974A7D25FA363AF164A3359F88324E547EF36BE98247 \
    E4A4698CAF902D5926EE148D0ED957AB34FE1BFAA82791B7BEB42E358611DF0F
 Test: Encrypt
 #################################################
 AlgorithmType: SymmetricCipher
 Name: ChaCha
 Source: http://tools.ietf.org/html/draft-strombergson-chacha-test-vectors
 #
 Comment: TC1 - All zero key and IV (16-byte key).
 Key: r16 00
 IV: r8 00
 Rounds: 20
 Plaintext: r64 00
 Ciphertext: 89670952608364fd00b2f90936f031c8e756e15dba04b8493d00429259b20f46cc04f111246b6c2ce066be3bfb32d9aa0fddfbc12123d4b9e44f34dca05a103f
 Test: Encrypt
 #
 Comment: TC1 - All zero key and IV (32-byte key).
 Key: r32 00
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: 76b8e0ada0f13d90405d6ae55386bd28bdd219b8a08ded1aa836efcc8b770dc7da41597c5157488d7724e03fb8d84a376a43b8f41518a11cc387b669b2ee6586
 Test: Encrypt
 #
 Comment: TC2 - Single bit in key set. All zero IV (16-byte key).
 Key: 0x01000000000000000000000000000000
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: ae56060d04f5b597897ff2af1388dbceff5a2a4920335dc17a3cb1b1b10fbe70ece8f4864d8c7cdf0076453a8291c7dbeb3aa9c9d10e8ca36be4449376ed7c42
 Test: Encrypt
 #
 Comment: TC2 - Single bit in key set. All zero IV (32-byte key).
 Key: 0x0100000000000000000000000000000000000000000000000000000000000000
 IV: r8 00
 Plaintext: r64 00
 Ciphertext: c5d30a7ce1ec119378c84f487d775a8542f13ece238a9455e8229e888de85bbd29eb63d0a17a5b999b52da22be4023eb07620a54f6fa6ad8737b71eb0464dac0
 Test: Encrypt
 #
 Comment: TC3 - Single bit in IV set. All zero key (16-byte key).
 Key: r16 00
 IV: 0x0100000000000000
 Plaintext: r64 00
 Ciphertext: 1663879eb3f2c9949e2388caa343d361bb132771245ae6d027ca9cb010dc1fa7178dc41f8278bc1f64b3f12769a24097f40d63a86366bdb36ac08abe60c07fe8
 Test: Encrypt
 #
 Comment: TC3 - Single bit in IV set. All zero key (32-byte key).
 Key: r32 00
 IV: 0x0100000000000000
@ -118,3 +537,240 @@ Plaintext: r64 00
 Ciphertext: ef3fdfd6c61578fbf5cf35bd3dd33b8009631634d21e42ac33960bd138e50d32111e4caf237ee53ca8ad6426194a88545ddc497a0b466e7d6bbdb0041b2f586b
 Test: Encrypt
 AlgorithmType: SymmetricCipher
 Name: ChaCha
 Source: https://cr.yp.to/streamciphers/timings/estreambench/submissions/salsa20/chacha8/ref/chacha.c
 #
 Comment: All one's key and IV (16-byte key).
 Key: r16 ff
 IV: r8 ff
 Rounds: 20
 Plaintext: r512 00
 Ciphertext: \
    992947C3966126A0E660A3E95DB048DE091FB9E0185B1E41E41015BB7EE50150 \
    399E4760B262F9D53F26D8DD19E56F5C506AE0C3619FA67FB0C408106D0203EE \
    40EA3CFA61FA32A2FDA8D1238A2135D9D4178775240F99007064A6A7F0C731B6 \
    7C227C52EF796B6BED9F9059BA0614BCF6DD6E38917F3B150E576375BE50ED67 \
    B0EDE573FD64189655C22A452CA343A3F63DE7A2BF75DB4BC5EC87AE6B3818E0 \
    E4FB1DE2CC047982D6A9FEF37B9D3A11D6329AB81A9ED9FDAB565EE99DDEA1FE \
    D207921A4169C3F1B212A886E6AE48FB19E9AF414915B087F9AF7F74EEA49732 \
    ED08500D8EEBD8083F9101984E30D4162D3C0A8BE4F18B22491A61DF53A7E629 \
    3406AF356940F23C66A4E2A4CE7284C30DCAC3C58B4491D755B02BC91F864E24 \
    9097953A8D81737B8CFA80407571E3CC6BA716D1FAAD50209B737665563684B0 \
    201D668B79D23D68BA41C92EDB2C66119C662E19B3A317FE1D7F4B7E52211FC2 \
    16EE14FB9E7B063D8010036C5C18F73084448A514A4EA32A8FB74E40ADBDBAEE \
    14F371872A3864D80695049098ED1B69E425E55BE5B27DD41255E24A27484CDB \
    EBD332BCCFE8CC4FFC4669E2EAC7B6202BF1D966AA24C0110DFB80E68A12973B \
    5A9793643E862A891DBCF2321F362B9977306405EACD5BB0CB09316803F70F0D \
    2CE2AF1C267EB944314DDC515412600FCB7D0A3EC16FDD105F5A4C8507DB36AA
 Test: Encrypt
 #
 Comment: All one's key and IV (32-byte key).
 Key: r32 ff
 IV: r8 ff
 Rounds: 20
 Plaintext: r512 00
 Ciphertext: \
    D9BF3F6BCE6ED0B54254557767FB57443DD4778911B606055C39CC25E674B836 \
    3FEABC57FDE54F790C52C8AE43240B79D49042B777BFD6CB80E931270B7F50EB \
    5BAC2ACD86A836C5DC98C116C1217EC31D3A63A9451319F097F3B4D6DAB07787 \
    19477D24D24B403A12241D7CCA064F790F1D51CCAFF6B1667D4BBCA1958C4306 \
    2D83C32143F7D743A87F710C3202AF7D30046775865F3934958597BB38FFE32C \
    7C5B456E3E5457D203BB45D304D014D46709EA4DB71A935EFC388CEFA5B894E5 \
    D1076A95EC7791AB0AD55C2A2FAC3C61E35BAE153036763326D632C9E004BC6D \
    A45D5FC9486C29F002E40A7AB619DDCA1A660765F853C77E1FF44C2A4F49344F \
    7530DC05190BD9A256FE38CEDE7DAA540904135BEC993088E712276467166A63 \
    04F1FC26C9DDA89CEE93D15441C88FC15E143DB941BBB42424A36E5C8F5AAA49 \
    2BFEED0BA93348AA786F40114F4895A6B21A11DB8937A510B2A099F75C1E03E7 \
    A6E3E281EC9C66D400F36C232798C6496048028C8D7320F43E97A56D6C4D1183 \
    8FD5DD8F45DF7DE235225B5F1C41C3AFED4EC0526AB38DCB8597770803F1261C \
    D22CFEAEC86612E53DEFC29848C055053C6B1D462A3CF09B228E47211AFBA0AF \
    4E4C2B336E6EE2F471823808523F073C1BC8785D258AC2BD580209A82A875273 \
    93DF828B6A6728ABD7AAD0485BFF5CE92C8DB78B1E63929FC76A905E8C7AF310
 Test: Encrypt
 #
 Comment: All one's key and IV (16-byte key).
 Key: r16 ff
 IV: r8 ff
 Rounds: 20
 Seek: 32
 Plaintext: r64 00
 Ciphertext: \
    399E4760B262F9D53F26D8DD19E56F5C506AE0C3619FA67FB0C408106D0203EE \
    40EA3CFA61FA32A2FDA8D1238A2135D9D4178775240F99007064A6A7F0C731B6
 Test: Encrypt
 #
 Comment: All one's key and IV (32-byte key).
 Key: r32 ff
 IV: r8 ff
 Rounds: 20
 Seek: 32
 Plaintext: r64 00
 Ciphertext: \
    3FEABC57FDE54F790C52C8AE43240B79D49042B777BFD6CB80E931270B7F50EB \
    5BAC2ACD86A836C5DC98C116C1217EC31D3A63A9451319F097F3B4D6DAB07787
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xffffffff*64)
 Key: r32 00
 IV: r8 00
 Rounds: 20
 Seek64: 0x3FFFFFFFC0
 Plaintext: r1024 00
 Ciphertext: \
    ACE4CD09E294D1912D4AD205D06F95D9C2F2BFCF453E8753F128765B62215F4D \
    92C74F2F626C6A640C0B1284D839EC81F1696281DAFC3E684593937023B58B1D \
    3DB41D3AA0D329285DE6F225E6E24BD59C9A17006943D5C9B680E3873BDC683A \
    5819469899989690C281CD17C96159AF0682B5B903468A61F50228CF09622B5A \
    46F0F6EFEE15C8F1B198CB49D92B990867905159440CC723916DC00128269810 \
    39CE1766AA2542B05DB3BD809AB142489D5DBFE1273E7399637B4B3213768AAA \
    89B1889375E99FE2442C4F68ADF54158F4B8135713D00999B92B38E3AAFE5FF4 \
    959B1834BE3DC54FC36AA9D32EB121E0F688B90E7C7E2649F4AAEF407BDD2B94 \
    09EFEC03114CB5D4FFD1788E0FE1897BD176C1311E368368C657A5EE55C9CA03 \
    CC71744F030822D53A0486A97B9D98240274FADEAF262BD81B58BCE3DFA98414 \
    C24B5BC517FD91993A6B2E6232B0502125C6F48A6921E2DDA8EB6B3C4ECF2AAE \
    889602AD90B5D2537FF45DF525C67B983B51DBD23E1280AA656EAE85B63CC42D \
    E8C70E7C19C1D66E3F902BEA9D1ACFD3326B5985AD7C8CABD431ACBC62976CE5 \
    23C938EA447D4AF0F560DC52B0AB1D7D66A42AB8272E2C40BD66470FE6F68846 \
    12A11D899A0B7EB54907BBEDD6483EFCED1F15621D4673FF928C5AAB5F465257 \
    123679EF17C39648C537E150108E0F6608732E9F5B240689EEB5402FA04CCB89 \
    B7CA9649A361C526B41ED110402D9497715B03441118BC4953FCBEF395267570 \
    BD43EC0EEF7B6167F14FED205EB812907D0C134DC49FA5B18F5A3A3A9BD0A71B \
    2FFE445EE4FABEB4054CC922BA360E4589B681F01E2A43B5A0C0F0C39A5ADB94 \
    B3BC2D20FF7F287FDF17F53B7CB5E3A1ABD46FC0819A3559C03C6B4106603066 \
    359A4A09B468B6DFEF8A363C7B31D9E88ABB85914F4A27C30E9915C66AAC3576 \
    9E481C87AEE4C3138CF40F288ED3C172FFC17D3D78F8D32C3C756C13CFBFB95F \
    3ECCE6D8B54344D78998F58148C4B43B1A6201ABFF3D4FB4B76E3BBA104CFAA5 \
    5D8DA4319A9E0606644B07DC204E9635502186C1EF9E43322EFD69F86D4DA1F6 \
    A98BF0B800BA04BD9FBA5C5BE8EC49D48D9EECBADEE669EF69C9522C730110BB \
    8339AF0E45185262C9183307C5EEA59DE5095CAC26E8428D4CA9E44DCF8FC7B4 \
    1F9624A2DBA36F44415BAC489BF46CB6BB1BD2B70D719772FDABB3B166EA615A \
    BDF208C39BA8A708D933CBC8A3236D4A15629FCAA35E00C2B361527326E7AB51 \
    409A7DE42C9093346E41D3A3C4529D9557BBC01EEFF927F1052B5E02F74542B0 \
    4E78F1E933C67DBC2C9187527C86DA77F045D4B07CF646BA9547646905F1F117 \
    0C503C0AEC51EC93F303D61756318EF5999B4B8EFE1C7D74B8FF0E9FD0BAEB55 \
    585F41AADA7A83ED42153BF9D87349AD100D40D25B1B05423E56761A32DD01A9
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xfffffffe*64)
 Key: r32 00
 IV: r8 00
 Rounds: 20
 Seek64: 0x3FFFFFFF80
 Plaintext: r1024 00
 Ciphertext: \
    032CC123482C31711F94C941AF5AB1F4155784332ED5348FE79AEC5EAD4C06C3 \
    F13C280D8CC49925E4A6A5922EC80E13A4CDFA840C70A1427A3CB699166991A5 \
    ACE4CD09E294D1912D4AD205D06F95D9C2F2BFCF453E8753F128765B62215F4D \
    92C74F2F626C6A640C0B1284D839EC81F1696281DAFC3E684593937023B58B1D \
    3DB41D3AA0D329285DE6F225E6E24BD59C9A17006943D5C9B680E3873BDC683A \
    5819469899989690C281CD17C96159AF0682B5B903468A61F50228CF09622B5A \
    46F0F6EFEE15C8F1B198CB49D92B990867905159440CC723916DC00128269810 \
    39CE1766AA2542B05DB3BD809AB142489D5DBFE1273E7399637B4B3213768AAA \
    89B1889375E99FE2442C4F68ADF54158F4B8135713D00999B92B38E3AAFE5FF4 \
    959B1834BE3DC54FC36AA9D32EB121E0F688B90E7C7E2649F4AAEF407BDD2B94 \
    09EFEC03114CB5D4FFD1788E0FE1897BD176C1311E368368C657A5EE55C9CA03 \
    CC71744F030822D53A0486A97B9D98240274FADEAF262BD81B58BCE3DFA98414 \
    C24B5BC517FD91993A6B2E6232B0502125C6F48A6921E2DDA8EB6B3C4ECF2AAE \
    889602AD90B5D2537FF45DF525C67B983B51DBD23E1280AA656EAE85B63CC42D \
    E8C70E7C19C1D66E3F902BEA9D1ACFD3326B5985AD7C8CABD431ACBC62976CE5 \
    23C938EA447D4AF0F560DC52B0AB1D7D66A42AB8272E2C40BD66470FE6F68846 \
    12A11D899A0B7EB54907BBEDD6483EFCED1F15621D4673FF928C5AAB5F465257 \
    123679EF17C39648C537E150108E0F6608732E9F5B240689EEB5402FA04CCB89 \
    B7CA9649A361C526B41ED110402D9497715B03441118BC4953FCBEF395267570 \
    BD43EC0EEF7B6167F14FED205EB812907D0C134DC49FA5B18F5A3A3A9BD0A71B \
    2FFE445EE4FABEB4054CC922BA360E4589B681F01E2A43B5A0C0F0C39A5ADB94 \
    B3BC2D20FF7F287FDF17F53B7CB5E3A1ABD46FC0819A3559C03C6B4106603066 \
    359A4A09B468B6DFEF8A363C7B31D9E88ABB85914F4A27C30E9915C66AAC3576 \
    9E481C87AEE4C3138CF40F288ED3C172FFC17D3D78F8D32C3C756C13CFBFB95F \
    3ECCE6D8B54344D78998F58148C4B43B1A6201ABFF3D4FB4B76E3BBA104CFAA5 \
    5D8DA4319A9E0606644B07DC204E9635502186C1EF9E43322EFD69F86D4DA1F6 \
    A98BF0B800BA04BD9FBA5C5BE8EC49D48D9EECBADEE669EF69C9522C730110BB \
    8339AF0E45185262C9183307C5EEA59DE5095CAC26E8428D4CA9E44DCF8FC7B4 \
    1F9624A2DBA36F44415BAC489BF46CB6BB1BD2B70D719772FDABB3B166EA615A \
    BDF208C39BA8A708D933CBC8A3236D4A15629FCAA35E00C2B361527326E7AB51 \
    409A7DE42C9093346E41D3A3C4529D9557BBC01EEFF927F1052B5E02F74542B0 \
    4E78F1E933C67DBC2C9187527C86DA77F045D4B07CF646BA9547646905F1F117
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xfffffffc*64)
 Key: r32 00
 IV: r8 00
 Rounds: 20
 Seek64: 0x3FFFFFFF00
 Plaintext: r1024 00
 Ciphertext: \
    98E5E54215C14F994E957FD3DD6A0309DFC3512CF12937F859A58725F16E9D4C \
    3BFBA511BE065C2AE7452DA187096671731A9954137BA780B808F9E93C919871 \
    582CB23E8F29E3B966B29D19E01A01DEBB32A8635CF49A1B178C3CD53CBF3EC5 \
    12DD6174690DA38FDA7C125351035F99E61042C5DCFA0C312E002F0DC99962DC \
    032CC123482C31711F94C941AF5AB1F4155784332ED5348FE79AEC5EAD4C06C3 \
    F13C280D8CC49925E4A6A5922EC80E13A4CDFA840C70A1427A3CB699166991A5 \
    ACE4CD09E294D1912D4AD205D06F95D9C2F2BFCF453E8753F128765B62215F4D \
    92C74F2F626C6A640C0B1284D839EC81F1696281DAFC3E684593937023B58B1D \
    3DB41D3AA0D329285DE6F225E6E24BD59C9A17006943D5C9B680E3873BDC683A \
    5819469899989690C281CD17C96159AF0682B5B903468A61F50228CF09622B5A \
    46F0F6EFEE15C8F1B198CB49D92B990867905159440CC723916DC00128269810 \
    39CE1766AA2542B05DB3BD809AB142489D5DBFE1273E7399637B4B3213768AAA \
    89B1889375E99FE2442C4F68ADF54158F4B8135713D00999B92B38E3AAFE5FF4 \
    959B1834BE3DC54FC36AA9D32EB121E0F688B90E7C7E2649F4AAEF407BDD2B94 \
    09EFEC03114CB5D4FFD1788E0FE1897BD176C1311E368368C657A5EE55C9CA03 \
    CC71744F030822D53A0486A97B9D98240274FADEAF262BD81B58BCE3DFA98414 \
    C24B5BC517FD91993A6B2E6232B0502125C6F48A6921E2DDA8EB6B3C4ECF2AAE \
    889602AD90B5D2537FF45DF525C67B983B51DBD23E1280AA656EAE85B63CC42D \
    E8C70E7C19C1D66E3F902BEA9D1ACFD3326B5985AD7C8CABD431ACBC62976CE5 \
    23C938EA447D4AF0F560DC52B0AB1D7D66A42AB8272E2C40BD66470FE6F68846 \
    12A11D899A0B7EB54907BBEDD6483EFCED1F15621D4673FF928C5AAB5F465257 \
    123679EF17C39648C537E150108E0F6608732E9F5B240689EEB5402FA04CCB89 \
    B7CA9649A361C526B41ED110402D9497715B03441118BC4953FCBEF395267570 \
    BD43EC0EEF7B6167F14FED205EB812907D0C134DC49FA5B18F5A3A3A9BD0A71B \
    2FFE445EE4FABEB4054CC922BA360E4589B681F01E2A43B5A0C0F0C39A5ADB94 \
    B3BC2D20FF7F287FDF17F53B7CB5E3A1ABD46FC0819A3559C03C6B4106603066 \
    359A4A09B468B6DFEF8A363C7B31D9E88ABB85914F4A27C30E9915C66AAC3576 \
    9E481C87AEE4C3138CF40F288ED3C172FFC17D3D78F8D32C3C756C13CFBFB95F \
    3ECCE6D8B54344D78998F58148C4B43B1A6201ABFF3D4FB4B76E3BBA104CFAA5 \
    5D8DA4319A9E0606644B07DC204E9635502186C1EF9E43322EFD69F86D4DA1F6 \
    A98BF0B800BA04BD9FBA5C5BE8EC49D48D9EECBADEE669EF69C9522C730110BB \
    8339AF0E45185262C9183307C5EEA59DE5095CAC26E8428D4CA9E44DCF8FC7B4
 Test: Encrypt
 #
 Comment: Counter crosses 32-bit boundary (0xfffffff0*64)
 Key: r32 00
 IV: r8 00
 Rounds: 20
 Seek64: 0x3FFFFFFC00
 Plaintext: r1024 00
 Ciphertext: \
    35C5DDFAD2617B5A6BEDDCE1AF0C115DBD221D7E6760D5520A74EEA6EB1F9C70 \
    3307014CCC1AF56B7B72266E087C4193B4230DE3023D86CFAE19A9B71591E2C0 \
    8513AFB2CD7D939B5703E6883D460489FF00E3CE6EB5E1ECA5E31B2A895BDB85 \
    6B3DE177489BDFDD97AB26141F94C771EBB94D187F2BF64172D3DC5F6FEB7123 \
    4C0715DCF16BA0EDD15E8505FA3A97DA766C9348030A4BBA5734617027FC9E47 \
    1125AA19C74296AC9CEA414955EBF0F6781E447978F287C1201A481A07BB0F92 \
    D7865365B38F87A915FC08A8925DB1124A6477F01B88EB0687606A8C53155E6F \
    128FB6FFD03F83BFF2C719A94438CEF64219E1DEE94AD2371985B45BB8544335 \
    BCF1CBBA01AAD69D86140AD06553B30817AC31AD88CCE6DC45E493BCF7903955 \
    B4B4EB4EFD1537B6BC772AD80CCBC2721A5359A143B999FFFB5F85F9C46A1938 \
    73554FD4FD66962C08D661323BD13E367EE6E64B0F7843BE9B91BD285184350C \
    F9FF7710208FEFFB7B7F75E46504BC4EB1DB05021EAF656528F5D04C60D71152 \
    7C307A8EDA4DE7F391B9924BC18EF13E4ACEF8622C724A2CDA344214415E0613 \
    9C057CA6FD78417F38D7C86B53D3484F085397A21594409ECA7C5D193802D33C \
    FD1C44E7C93185B3D8101E4A0C184B13F221BF40097A9C0DBBD5932D90BD342F \
    A6F56654A7507E902AD9416EC69D692E19372707F530B4998BE876CD772B3933 \
    7035102B0F813905C4339FF8F0DC621CA2BC76F6A99163E0751BE6F7968D9C22 \
    863A2161DE3126ABB102FCA8AD47A035EA71358F1C418D2BA8AF1AFCB8CEB20D \
    FE012D699B31D5F22828772A13A076F789B4B582E9736CDFA48E317AB1FF5443 \
    60745F9EFF11847EB86365DC0AB980231B0ACCD8DA22E33867A6C2314D56688E \
    17F6EC119B6AD7FE0A639F07EE6F7C0B5B88E8D0C97EC901636A7B62202D40D9 \
    176CF64365065EE642430787DB981190A249B7771759157BA8AA3A253C48338C \
    9E01BE363682292BB181A75A51C2EEB3069951075DC92CFE58E695AB35364667 \
    1336BE145FE90B8C75982D565762F7C48B505B19868F36A6C3633450CB9E165E \
    98E5E54215C14F994E957FD3DD6A0309DFC3512CF12937F859A58725F16E9D4C \
    3BFBA511BE065C2AE7452DA187096671731A9954137BA780B808F9E93C919871 \
    582CB23E8F29E3B966B29D19E01A01DEBB32A8635CF49A1B178C3CD53CBF3EC5 \
    12DD6174690DA38FDA7C125351035F99E61042C5DCFA0C312E002F0DC99962DC \
    032CC123482C31711F94C941AF5AB1F4155784332ED5348FE79AEC5EAD4C06C3 \
    F13C280D8CC49925E4A6A5922EC80E13A4CDFA840C70A1427A3CB699166991A5 \
    ACE4CD09E294D1912D4AD205D06F95D9C2F2BFCF453E8753F128765B62215F4D \
    92C74F2F626C6A640C0B1284D839EC81F1696281DAFC3E684593937023B58B1D
 Test: Encrypt
--- a/TestVectors/chacha20poly1305.txt
+++ b/TestVectors/chacha20poly1305.txt
--- a/TestVectors/chacha_tls.txt
+++ b/TestVectors/chacha_tls.txt
@ -0,0 +1,337 @@
 AlgorithmType: SymmetricCipher
 Name: ChaChaTLS
 Source: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305
 #
 Comment: Section A.1, ChaCha20 Block Function, Test 1
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 IV: 00 00 00 00 00 00 00 00 00 00 00 00
 Plaintext: r64 00
 Ciphertext: 76 b8 e0 ad a0 f1 3d 90 40 5d 6a e5 53 86 bd 28 \
            bd d2 19 b8 a0 8d ed 1a a8 36 ef cc 8b 77 0d c7 \
            da 41 59 7c 51 57 48 8d 77 24 e0 3f b8 d8 4a 37 \
            6a 43 b8 f4 15 18 a1 1c c3 87 b6 69 b2 ee 65 86
 Test: Encrypt
 #
 Comment: Section A.1, ChaCha20 Block Function, Test 2
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 IV: 00 00 00 00 00 00 00 00 00 00 00 00
 Plaintext: r64 00
 Ciphertext: 9f 07 e7 be 55 51 38 7a 98 ba 97 7c 73 2d 08 0d \
            cb 0f 29 a0 48 e3 65 69 12 c6 53 3e 32 ee 7a ed \
            29 b7 21 76 9c e6 4e 43 d5 71 33 b0 74 d8 39 d5 \
            31 ed 1f 28 51 0a fb 45 ac e1 0a 1f 4b 79 4d 6f
 InitialBlock: 1
 Test: Encrypt
 #
 Comment: Section A.1, ChaCha20 Block Function, Test 3
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000001
 IV: 00 00 00 00 00 00 00 00 00 00 00 00
 Plaintext: r64 00
 Ciphertext: 3a eb 52 24 ec f8 49 92 9b 9d 82 8d b1 ce d4 dd \
            83 20 25 e8 01 8b 81 60 b8 22 84 f3 c9 49 aa 5a \
            8e ca 00 bb b4 a7 3b da d1 92 b5 c4 2f 73 f2 fd \
            4e 27 36 44 c8 b3 61 25 a6 4a dd eb 00 6c 13 a0
 InitialBlock: 1
 Test: Encrypt
 #
 Comment: Section A.1, ChaCha20 Block Function, Test 4
 Key: 00ff000000000000 0000000000000000 0000000000000000 0000000000000000
 IV: 00 00 00 00 00 00 00 00 00 00 00 00
 Plaintext: r64 00
 Ciphertext: 72 d5 4d fb f1 2e c4 4b 36 26 92 df 94 13 7f 32 \
            8f ea 8d a7 39 90 26 5e c1 bb be a1 ae 9a f0 ca \
            13 b2 5a a2 6c b4 a6 48 cb 9b 9d 1b e6 5b 2c 09 \
            24 a6 6c 54 d5 45 ec 1b 73 74 f4 87 2e 99 f0 96
 InitialBlock: 2
 Test: Encrypt
 #
 Comment: Section A.1, ChaCha20 Block Function, Test 5
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 IV: 00 00 00 00 00 00 00 00 00 00 00 02
 Plaintext: r64 00
 Ciphertext: c2 c6 4d 37 8c d5 36 37 4a e2 04 b9 ef 93 3f cd \
            1a 8b 22 88 b3 df a4 96 72 ab 76 5b 54 ee 27 c7 \
            8a 97 0e 0e 95 5c 14 f3 a8 8e 74 1b 97 c2 86 f7 \
            5f 8f c2 99 e8 14 83 62 fa 19 8a 39 53 1b ed 6d
 Test: Encrypt
 #
 Comment: Section A.2, ChaCha20 Encryption, Test 1
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 IV: 00 00 00 00 00 00 00 00 00 00 00 00
 Plaintext: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \
           00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \
           00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \
           00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 Ciphertext: 76 b8 e0 ad a0 f1 3d 90 40 5d 6a e5 53 86 bd 28 \
            bd d2 19 b8 a0 8d ed 1a a8 36 ef cc 8b 77 0d c7 \
            da 41 59 7c 51 57 48 8d 77 24 e0 3f b8 d8 4a 37 \
            6a 43 b8 f4 15 18 a1 1c c3 87 b6 69 b2 ee 65 86
 Test: Encrypt
 #
 Comment: Section A.2, ChaCha20 Encryption, Test 2
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000001
 IV: 00 00 00 00 00 00 00 00 00 00 00 02
 Plaintext: 41 6e 79 20 73 75 62 6d 69 73 73 69 6f 6e 20 74 \
           6f 20 74 68 65 20 49 45 54 46 20 69 6e 74 65 6e \
           64 65 64 20 62 79 20 74 68 65 20 43 6f 6e 74 72 \
           69 62 75 74 6f 72 20 66 6f 72 20 70 75 62 6c 69 \
           63 61 74 69 6f 6e 20 61 73 20 61 6c 6c 20 6f 72 \
           20 70 61 72 74 20 6f 66 20 61 6e 20 49 45 54 46 \
           20 49 6e 74 65 72 6e 65 74 2d 44 72 61 66 74 20 \
           6f 72 20 52 46 43 20 61 6e 64 20 61 6e 79 20 73 \
           74 61 74 65 6d 65 6e 74 20 6d 61 64 65 20 77 69 \
           74 68 69 6e 20 74 68 65 20 63 6f 6e 74 65 78 74 \
           20 6f 66 20 61 6e 20 49 45 54 46 20 61 63 74 69 \
           76 69 74 79 20 69 73 20 63 6f 6e 73 69 64 65 72 \
           65 64 20 61 6e 20 22 49 45 54 46 20 43 6f 6e 74 \
           72 69 62 75 74 69 6f 6e 22 2e 20 53 75 63 68 20 \
           73 74 61 74 65 6d 65 6e 74 73 20 69 6e 63 6c 75 \
           64 65 20 6f 72 61 6c 20 73 74 61 74 65 6d 65 6e \
           74 73 20 69 6e 20 49 45 54 46 20 73 65 73 73 69 \
           6f 6e 73 2c 20 61 73 20 77 65 6c 6c 20 61 73 20 \
           77 72 69 74 74 65 6e 20 61 6e 64 20 65 6c 65 63 \
           74 72 6f 6e 69 63 20 63 6f 6d 6d 75 6e 69 63 61 \
           74 69 6f 6e 73 20 6d 61 64 65 20 61 74 20 61 6e \
           79 20 74 69 6d 65 20 6f 72 20 70 6c 61 63 65 2c \
           20 77 68 69 63 68 20 61 72 65 20 61 64 64 72 65 \
           73 73 65 64 20 74 6f
 Ciphertext: a3 fb f0 7d f3 fa 2f de 4f 37 6c a2 3e 82 73 70 \
            41 60 5d 9f 4f 4f 57 bd 8c ff 2c 1d 4b 79 55 ec \
            2a 97 94 8b d3 72 29 15 c8 f3 d3 37 f7 d3 70 05 \
            0e 9e 96 d6 47 b7 c3 9f 56 e0 31 ca 5e b6 25 0d \
            40 42 e0 27 85 ec ec fa 4b 4b b5 e8 ea d0 44 0e \
            20 b6 e8 db 09 d8 81 a7 c6 13 2f 42 0e 52 79 50 \
            42 bd fa 77 73 d8 a9 05 14 47 b3 29 1c e1 41 1c \
            68 04 65 55 2a a6 c4 05 b7 76 4d 5e 87 be a8 5a \
            d0 0f 84 49 ed 8f 72 d0 d6 62 ab 05 26 91 ca 66 \
            42 4b c8 6d 2d f8 0e a4 1f 43 ab f9 37 d3 25 9d \
            c4 b2 d0 df b4 8a 6c 91 39 dd d7 f7 69 66 e9 28 \
            e6 35 55 3b a7 6c 5c 87 9d 7b 35 d4 9e b2 e6 2b \
            08 71 cd ac 63 89 39 e2 5e 8a 1e 0e f9 d5 28 0f \
            a8 ca 32 8b 35 1c 3c 76 59 89 cb cf 3d aa 8b 6c \
            cc 3a af 9f 39 79 c9 2b 37 20 fc 88 dc 95 ed 84 \
            a1 be 05 9c 64 99 b9 fd a2 36 e7 e8 18 b0 4b 0b \
            c3 9c 1e 87 6b 19 3b fe 55 69 75 3f 88 12 8c c0 \
            8a aa 9b 63 d1 a1 6f 80 ef 25 54 d7 18 9c 41 1f \
            58 69 ca 52 c5 b8 3f a3 6f f2 16 b9 c1 d3 00 62 \
            be bc fd 2d c5 bc e0 91 19 34 fd a7 9a 86 f6 e6 \
            98 ce d7 59 c3 ff 9b 64 77 33 8f 3d a4 f9 cd 85 \
            14 ea 99 82 cc af b3 41 b2 38 4d d9 02 f3 d1 ab \
            7a c6 1d d2 9c 6f 21 ba 5b 86 2f 37 30 e3 7c fd \
            c4 fd 80 6c 22 f2 21
 InitialBlock: 1
 Test: Encrypt
 #
 Comment: Section A.2, ChaCha20 Encryption, Test 3
 Key: 1c 92 40 a5 eb 55 d3 8a f3 33 88 86 04 f6 b5 f0 \
     47 39 17 c1 40 2b 80 09 9d ca 5c bc 20 70 75 c0
 IV: 00 00 00 00 00 00 00 00 00 00 00 02
 Plaintext: 27 54 77 61 73 20 62 72 69 6c 6c 69 67 2c 20 61 \
           6e 64 20 74 68 65 20 73 6c 69 74 68 79 20 74 6f \
           76 65 73 0a 44 69 64 20 67 79 72 65 20 61 6e 64 \
           20 67 69 6d 62 6c 65 20 69 6e 20 74 68 65 20 77 \
           61 62 65 3a 0a 41 6c 6c 20 6d 69 6d 73 79 20 77 \
           65 72 65 20 74 68 65 20 62 6f 72 6f 67 6f 76 65 \
           73 2c 0a 41 6e 64 20 74 68 65 20 6d 6f 6d 65 20 \
           72 61 74 68 73 20 6f 75 74 67 72 61 62 65 2e
 Ciphertext: 62 e6 34 7f 95 ed 87 a4 5f fa e7 42 6f 27 a1 df \
            5f b6 91 10 04 4c 0d 73 11 8e ff a9 5b 01 e5 cf \
            16 6d 3d f2 d7 21 ca f9 b2 1e 5f b1 4c 61 68 71 \
            fd 84 c5 4f 9d 65 b2 83 19 6c 7f e4 f6 05 53 eb \
            f3 9c 64 02 c4 22 34 e3 2a 35 6b 3e 76 43 12 a6 \
            1a 55 32 05 57 16 ea d6 96 25 68 f8 7d 3f 3f 77 \
            04 c6 a8 d1 bc d1 bf 4d 50 d6 15 4b 6d a7 31 b1 \
            87 b5 8d fd 72 8a fa 36 75 7a 79 7a c1 88 d1
 InitialBlock: 42
 Test: Encrypt
 #
 Source: Modified Bernstein ref impl using chacha-ref.c ver 20080118
 Comment: All 0 key, all 0 iv, 0 counter block, 1024 bytes
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 IV: 00 00 00 00 00 00 00 00 00 00 00 00
 Plaintext: r1024 00
 Ciphertext: \
    76B8E0ADA0F13D90405D6AE55386BD28BDD219B8A08DED1AA836EFCC8B770DC7 \
    DA41597C5157488D7724E03FB8D84A376A43B8F41518A11CC387B669B2EE6586 \
    9F07E7BE5551387A98BA977C732D080DCB0F29A048E3656912C6533E32EE7AED \
    29B721769CE64E43D57133B074D839D531ED1F28510AFB45ACE10A1F4B794D6F \
    2D09A0E663266CE1AE7ED1081968A0758E718E997BD362C6B0C34634A9A0B35D \
    012737681F7B5D0F281E3AFDE458BC1E73D2D313C9CF94C05FF3716240A248F2 \
    1320A058D7B3566BD520DAAA3ED2BF0AC5B8B120FB852773C3639734B45C91A4 \
    2DD4CB83F8840D2EEDB158131062AC3F1F2CF8FF6DCD1856E86A1E6C3167167E \
    E5A688742B47C5ADFB59D4DF76FD1DB1E51EE03B1CA9F82ACA173EDB8B729347 \
    4EBE980F904D10C916442B4783A0E984860CB6C957B39C38ED8F51CFFAA68A4D \
    E01025A39C504546B9DC1406A7EB28151E5150D7B204BAA719D4F091021217DB \
    5CF1B5C84C4FA71A879610A1A695AC527C5B56774A6B8A21AAE88685868E094C \
    F29EF4090AF7A90CC07E8817AA528763797D3C332B67CA4BC110642C2151EC47 \
    EE84CB8C42D85F10E2A8CB18C3B7335F26E8C39A12B1BCC1707177B76138732E \
    EDAAB74DA1410FC055EA068C99E9260ACBE337CF5D3E00E5B3230FFEDB0B9907 \
    87D0C70E0BFE4198EA6758DD5A61FB5FEC2DF981F31BEFE153F81D17161784DB \
    1C8822D53CD1EE7DB532364828BDF404B040A8DCC522F3D3D99AEC4B8057EDB8 \
    500931A2C42D2F0C570847100B5754DAFC5FBDB894BBEF1A2DE1A07F8BA0C4B9 \
    19301066EDBC056B7B481E7A0C46297BBB589D9DA5B675A6723E152E5E63A4CE \
    034E9E83E58A013AF0E7352FB7908514E3B3D1040D0BB963B3954B636B5FD4BF \
    6D0AADBAF8157D062ACB2418C176A475511B35C3F6218A5668EA5BC6F54B8782 \
    F8B340F00AC1BEBA5E62CD632A7CE7809C725608ACA5EFBF7C41F237643F06C0 \
    997207171DE867F9D697BF5EA6011ABCCE6C8CDB211394D2C02DD0FB60DB5A2C \
    17AC3DC85878A90BED3809DBB96EAA5426FC8EAE0D2D65C42A479F088648BE2D \
    C801D82A366FDDC0EF234263C0B6417D5F9DA41817B88D68E5E67195C5C1EE30 \
    95E821F22524B20BE41CEB590412E41DC648843FA9BFEC7A3DCF61AB05415733 \
    16D3FA8151629303FE9741562ED065DB4EBC0050EF558364AE81124A28F5C013 \
    13232FBC496DFD8A2568657B686D7214382A1A00903017DDA969878442BA5AFF \
    F6613F553CBB233CE46D9AEE93A7876CF5E9E82912B18CADF0B34327B2E0427E \
    CF66B7CEB7C0918DC47BDFF12A062ADF07133009CE7A5E5C917E0168306109B7 \
    CB49653A6D2CAEF005DE783A9A9BFE05381ED1348D94EC65886F9C0B619C52C5 \
    533800B16C836172B95182DBC5EEC042B89E22F11A085B739A3611CD8D836018
 Test: Encrypt
 #
 Comment: Random key, random iv, 0 counter block, 1024 bytes
 Key: 2923BE84E16CD6AE 529049F1F1BBE9EB B3A6DB3C870C3E99 245E0D1C06B747DE
 IV: B3 12 4D C8 43 BB 8B A6 1F 03 5A 7D
 Plaintext: r1024 00
 Ciphertext: \
    C60E2330687F93D615A03CA1AD4FB4A64F2E0380A65F1277ADE647360F531A6D \
    7D39AC85F9064B49529B796F8220D44B2573449C0CAB7AD7704BA9E1F370A52B \
    45561EC56EB1AC85FEDCB4EE72957AA3445E6449373EA3CF82E2F5D2EA63889B \
    7349441FFF021C19458CB815AC334DB6159180CE3E743E67896F74F4DA12B3A6 \
    2FB45A2069151A1C0DAE260302905EF520F1838CBE8859400F0B4723F47518D4 \
    7EA9A557D00788B5796EFC9C4BC0F14484C64C27348BAC9621A18EF805F771A9 \
    BDE4B0288B0F6B06562A3D5B7A9655DA8A89C391F28B5C4B0FBE498B92DD8B30 \
    2F5B43B58C93C7C5161CAE0413D36E868E2C81D7204AEA96649A67B6439D04C2 \
    93A97046DEF4D31F49D32BAFBF814808A2E83EF0B212D7287D6AC6714A4A74F1 \
    A2BC057BFBC3023986FAE970A306E214B9400416B876A8F689BE3B9E36FD7AEB \
    49BA3E8DC1F24900AB41605921CFBBEE005CF5D577849183CB7F6742A908A7AE \
    1D2077353A42B86659A3676131A497B652BFAED4088BCE32E9B42D7A3BCAFD46 \
    63E252539D4853D2C482FED427F49CC9683C48B0158A7CA47490D5EAD0447527 \
    9AD0B47788F65A9E09A38681AC6B65E22A901155B9C66307C8E6854D6F041E5B \
    348A0D6F20A3C2DCB53E8444C280455EBBF9F34D34B18ABEAAC748093A310289 \
    0234453454C662718C67379D3D0D1C68EB42009EDC67CF6B3E6DEEAAAD969F53 \
    B0906F8B63351081F02F7BA65370A6E6A71E0EF82E38A910F9B875523376E66D \
    EC1107FA4CC4F66175A8A32F1D0D7FF5FC5241165BEA75B4F73ADB6F5FC0B49A \
    E287B04D67D351E87BA176EAC1E9C1BC0B67FC6C13C35F14BA08466002CC8BB6 \
    A064BBB5A6F1B193AEE1F7458C6954C24DBED0969193D61953AE2B4909A738F7 \
    B0CD0A330EB89323C22AF554A794CFE24B590C079077812B4DFD14CEF87536B8 \
    844C810DAEDC25CC71338935FB92E260BDB46138666B90536D6CDC500A02EA7A \
    AE3DEF84933BBA3960C1DA76C70AED10CE65C2F4EB91D82CAE36E33B75AE2D88 \
    0F73CAD4D4C2C2A76523D10FCC60B15CF0793928B43FF7DDD1B3E8F34C2174EF \
    2666BC91107223CF44D2F61AF44BBE918CCBF5998C315510B14B643996793CE0 \
    EF642967134BC88CC793F735A21F5A01345CE10ABA43DECD4E6AD41A105A3B0E \
    E38E217950A1AA6BEE330075B18331DC5A6DA5D731336F0F2543E1F2396DF25C \
    BF92399907A7325352AB7CEF98D0582EEE3E8130515D214FA0BF37B31AF5D74D \
    889ADB8D9DA438D1D5ADD7F70A3EDB089501189EA4F61BFFF406E7C961113827 \
    986B0483E7A8E6F3F81DC31CB2C7C48B92160D3452D717A759D5DDF71671529F \
    B187A0CCE7F5B9EAE3A851B13CAFFD19502D22CBB1073A4E68CB2EB5319D0E02 \
    F1B418A34AA18F15DE0B9667D7925B4651F8E73D4191B2C868915344BDBD18E5
 Test: Encrypt
 #
 Comment: All 0 key, all 0 iv, 0xfffffffe counter block, 256 bytes
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 IV: 00 00 00 00 00 00 00 00 00 00 00 00
 Plaintext: r256 00
 Ciphertext: \
    032CC123482C31711F94C941AF5AB1F4155784332ED5348FE79AEC5EAD4C06C3 \
    F13C280D8CC49925E4A6A5922EC80E13A4CDFA840C70A1427A3CB699166991A5 \
    ACE4CD09E294D1912D4AD205D06F95D9C2F2BFCF453E8753F128765B62215F4D \
    92C74F2F626C6A640C0B1284D839EC81F1696281DAFC3E684593937023B58B1D \
    76B8E0ADA0F13D90405D6AE55386BD28BDD219B8A08DED1AA836EFCC8B770DC7 \
    DA41597C5157488D7724E03FB8D84A376A43B8F41518A11CC387B669B2EE6586 \
    9F07E7BE5551387A98BA977C732D080DCB0F29A048E3656912C6533E32EE7AED \
    29B721769CE64E43D57133B074D839D531ED1F28510AFB45ACE10A1F4B794D6F
 InitialBlock: 0xfffffffe
 Test: Encrypt
 #
 Comment: Random key, random iv, 0xfffffffe counter block, 256 bytes
 Key: 26C680F84915A586 E2C569044F083FE2 D26B93B242B8152F 001B547F2D838EB5
 IV: 41 F5 01 94 29 2E C7 32 BF 61 90 F6
 Plaintext: r256 00
 Ciphertext: \
    0DF0FE21D4FF132A29220F340103B6726820A36CC41D705B062F3F1A3896938A \
    38478CFE0B19C58D590D5B63226A0A6474D43EBC4179BBD1549022C2A8B8ED01 \
    01BC1028D34C84AC523D1CE9A831A5B9F07F182DB65F1034FD5C3E13652C75F8 \
    E586719766250643E494CE5FD72AD2C9875812D79949B2719B6FD05C78068CE9 \
    38203067821A13D2EEA66AC3972D3F86F10584B03F3EC51E9E1767AAFDE7AAA1 \
    37762D8972070B6F74DDE1F91B3E8A334B6A12B21BBDA74FC6D69B645A3F0ADF \
    3251856773A27556B06F9DEB8E6B99680258F8EE70C062880794FAAB992DD7E4 \
    8655FC852FF891DF70788C9AF948A86D33837F1C847CB70121929076904C261E
 InitialBlock: 0xfffffffe
 Test: Encrypt
 #
 Comment: All 0 key, all 0 iv, 0xfffffffe counter block, 1024 bytes
 Key: 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 IV: 00 00 00 00 00 00 00 00 00 00 00 00
 Plaintext: r1024 00
 Ciphertext: \
    032CC123482C31711F94C941AF5AB1F4155784332ED5348FE79AEC5EAD4C06C3 \
    F13C280D8CC49925E4A6A5922EC80E13A4CDFA840C70A1427A3CB699166991A5 \
    ACE4CD09E294D1912D4AD205D06F95D9C2F2BFCF453E8753F128765B62215F4D \
    92C74F2F626C6A640C0B1284D839EC81F1696281DAFC3E684593937023B58B1D \
    76B8E0ADA0F13D90405D6AE55386BD28BDD219B8A08DED1AA836EFCC8B770DC7 \
    DA41597C5157488D7724E03FB8D84A376A43B8F41518A11CC387B669B2EE6586 \
    9F07E7BE5551387A98BA977C732D080DCB0F29A048E3656912C6533E32EE7AED \
    29B721769CE64E43D57133B074D839D531ED1F28510AFB45ACE10A1F4B794D6F \
    2D09A0E663266CE1AE7ED1081968A0758E718E997BD362C6B0C34634A9A0B35D \
    012737681F7B5D0F281E3AFDE458BC1E73D2D313C9CF94C05FF3716240A248F2 \
    1320A058D7B3566BD520DAAA3ED2BF0AC5B8B120FB852773C3639734B45C91A4 \
    2DD4CB83F8840D2EEDB158131062AC3F1F2CF8FF6DCD1856E86A1E6C3167167E \
    E5A688742B47C5ADFB59D4DF76FD1DB1E51EE03B1CA9F82ACA173EDB8B729347 \
    4EBE980F904D10C916442B4783A0E984860CB6C957B39C38ED8F51CFFAA68A4D \
    E01025A39C504546B9DC1406A7EB28151E5150D7B204BAA719D4F091021217DB \
    5CF1B5C84C4FA71A879610A1A695AC527C5B56774A6B8A21AAE88685868E094C \
    F29EF4090AF7A90CC07E8817AA528763797D3C332B67CA4BC110642C2151EC47 \
    EE84CB8C42D85F10E2A8CB18C3B7335F26E8C39A12B1BCC1707177B76138732E \
    EDAAB74DA1410FC055EA068C99E9260ACBE337CF5D3E00E5B3230FFEDB0B9907 \
    87D0C70E0BFE4198EA6758DD5A61FB5FEC2DF981F31BEFE153F81D17161784DB \
    1C8822D53CD1EE7DB532364828BDF404B040A8DCC522F3D3D99AEC4B8057EDB8 \
    500931A2C42D2F0C570847100B5754DAFC5FBDB894BBEF1A2DE1A07F8BA0C4B9 \
    19301066EDBC056B7B481E7A0C46297BBB589D9DA5B675A6723E152E5E63A4CE \
    034E9E83E58A013AF0E7352FB7908514E3B3D1040D0BB963B3954B636B5FD4BF \
    6D0AADBAF8157D062ACB2418C176A475511B35C3F6218A5668EA5BC6F54B8782 \
    F8B340F00AC1BEBA5E62CD632A7CE7809C725608ACA5EFBF7C41F237643F06C0 \
    997207171DE867F9D697BF5EA6011ABCCE6C8CDB211394D2C02DD0FB60DB5A2C \
    17AC3DC85878A90BED3809DBB96EAA5426FC8EAE0D2D65C42A479F088648BE2D \
    C801D82A366FDDC0EF234263C0B6417D5F9DA41817B88D68E5E67195C5C1EE30 \
    95E821F22524B20BE41CEB590412E41DC648843FA9BFEC7A3DCF61AB05415733 \
    16D3FA8151629303FE9741562ED065DB4EBC0050EF558364AE81124A28F5C013 \
    13232FBC496DFD8A2568657B686D7214382A1A00903017DDA969878442BA5AFF
 InitialBlock: 0xfffffffe
 Test: Encrypt
 #
 Comment: Random key, random iv, 0xfffffffe counter block, 1024 bytes
 Key: CF3F6640B3830E2A 8D7013F3E974FE8E 4133B1E81E1EA81B 80477EE48073B357
 IV: 7C 80 D7 1C 23 77 6E 20 F7 99 74 12
 Plaintext: r1024 00
 Ciphertext: \
    F0F4771DA359A1CC0BCC92101E8830A88258ED4134A8B15282CAD3E3B727D8C5 \
    34F1FE108F8626A5BC4F4F0559AF9AD996F281A77E3195A9B7606FF0DB6351A8 \
    5E6E00281DFB032AED7478FA2AB65DFFE781680AD4243EC933C6E2040B6FE22D \
    1EC0DD83F385BF2152BAA00B21F001E64860360D0C25E7B28BCA888C88391EB8 \
    89D76D3E4E6CC4BC4BFACCB758DE288A7B523CBDD65662D55D464CE393C6A016 \
    590D09A2C2117084619C6AEE14EF3D54092B2FBD40B86AFC6614237FB4B01AD1 \
    590F4BB4715114B373A5E170F9FF18F87D5D033DEDB61B72946C755673D3CFDE \
    A960F52F7DAE25C942ECE2CEB0C33B258A5CAEE89BB7FF6711B42FE12C8D9AB1 \
    78826EECE976C58D05B6EB9F4B770A9715EBF96AE79515972375202782D343EE \
    564B36037F49432197C1E977462BE17620B786E1DB2EF3CC759E3E3BD9B29373 \
    367E66EEE529515BAAC37DC2B26BAA3A5587EA35F064CFEDBE5705779A72A53A \
    2ED02D6F459768521BB1F0EB0D4A4EDCD9B0BB3E1148BDBF6A0918BFEF352FD2 \
    149F95DE307CC388FF3ED0C72118D1AE27A112B58B2819A0976CF949DAA99AD0 \
    1237B4BB5963E274F801FE25E62B7DC2D4B17BF85816DA5078EAE4FE676CBCAD \
    C772811C93A4F94C5198F2C542CC71CAF3E3480678B37AF2FA42061F870A3AFA \
    5146DFE5F4969F223D3909B20CB53344EF72B7C861ADA20D4EBC1AE3DB5431C1 \
    300DC1CC32C5A2544E8707DC040CE2559293A54D070A48B18F18CB1E6F715D8C \
    FE437BD03F55657CBB3DC95284C6830C7D7FB48249AB9EA08174FF8A04D89206 \
    3EDDBE22D402C249718899A9E06169D49C6B723283F01EBF2707972CCA039F4A \
    D1D92449E3CA011722E03119FEED32F63F22303C73C75B413FEC2EDA0C069236 \
    880EAA26E5226233B216D059D664AF7D5737F0F12A1D34DA3CEB83826666F4B8 \
    D7F60D917E033FBFEF756726DCA873E63ABD2A470F8CABBE21C6DDEEE668BCA0 \
    C833AC0DEEE73155C1723BA2E5EC70985F2F239822FBE628EFCC68938630D9FB \
    E88BF757A28BD8925DAD67666091BE7602D36DE65E248964469C44DBFBA76E13 \
    3978E9DD5088BB4C314AEB56D9D553229110C7C939A129522C5F6B01F96D67ED \
    97629A5E9DC4923745739A02151F53C8CE2CE48B33A7E359A574D9C8A48542E1 \
    EA20DDFA7E9BA5B01DDC256786026160DA6A113E553F30A4F37A7ED2D3ACA6D4 \
    3F90516417477C3778A80AB875E90F8D81977F51973184242A4BD2EC002216CA \
    5631F1740F558E1CDC42A252A15CB954AB2DBB1CAC199313EF657FA2D5F8405A \
    C60AC8BFCD0645CDCD0547D4433A6093C9A24F17902F5B37F2E60390C9EF30A9 \
    853407FFF342D4787C56B665AFF0F94F1B6A0A213FB7E73F7EC1990C8C7CB1D7 \
    7E0C233586EB00D9B10020986A31CCECFC26B435FC92E8707B7AC3CB8275FDA4
 InitialBlock: 0xfffffffe
 Test: Encrypt
--- a/TestVectors/cham.txt
+++ b/TestVectors/cham.txt
@ -0,0 +1,471 @@
 AlgorithmType: SymmetricCipher
 Name: CHAM-64/ECB
 #
 Source: CHAM paper, Appendix A, test vector 1
 Comment: CHAM-64/ECB, 128-bit key
 Key: 0100 0302 0504 0706 0908 0b0a 0d0c 0f0e
 Plaintext: 1100 3322 5544 7766
 Ciphertext: 453c 63bc dcfa bf4e
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: 0277 0a9e a270 1fed 460c c269 9163 e519
 Plaintext: 704a 4e91 eb9b 688d
 Ciphertext: ceda d4dc 00e3 800d
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: 24cd a3e2 c167 92f3 40b6 0017 cabc 07c4
 Plaintext: 115a 31e5 ee65 87f7
 Ciphertext: e1af b96f 3079 4233
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: 0914 eef6 827c 21b9 c697 05ce b28b 7dd5
 Plaintext: e722 2e2b 0f2c ee49
 Ciphertext: 280d 763b 931b da81
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: 2fa2 fb02 1cd5 9124 ee27 1ec9 7307 6a13
 Plaintext: 9fc0 8c64 f9f9 8163
 Ciphertext: 0277 8604 1b15 8cb9
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: 6035 af8d 6d97 6a47 1bc9 cb88 1a4a f2aa
 Plaintext: 657b 5980 aad8 468b
 Ciphertext: 5684 2bf7 606d 67f8
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: be3a cf23 eda6 9014 023e 098b 37c3 9b9e
 Plaintext: ff83 911e 2f35 84a5
 Ciphertext: 9263 2bf9 9819 783a
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: ffde 8a15 21c5 fb5e b6b1 1ec9 05aa c629
 Plaintext: 7802 c7a5 d52f 1868
 Ciphertext: f810 fad0 80f0 19bd
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: fc25 b83f 5058 9cb6 fe7a 5d6c 1635 5cfd
 Plaintext: 1ab2 1791 a5d3 05aa
 Ciphertext: e733 fd94 c357 d36c
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-64/ECB, 128-bit key
 Key: fae3 5e23 e357 3e33 4468 c725 80e5 4a6e
 Plaintext: 5dc5 c55f 6b8d 31e2
 Ciphertext: 5bc2 2475 f93f 6cc8
 Test: Encrypt
 AlgorithmType: SymmetricCipher
 Name: CHAM-128/ECB
 #
 Source: CHAM paper, Appendix A, test vector 2
 Comment: CHAM-128/ECB, 128-bit key
 Key: 03020100 07060504 0b0a0908 0f0e0d0c
 Plaintext: 33221100 77665544 bbaa9988 ffeeddcc
 Ciphertext: c3746034 b55700c5 8d64ec32 489332f7
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: a37beb01 15c49898 906f6f1c 73f68cf3
 Plaintext: 463e4b34 efe3faa8 d8b74450 967f34d1
 Ciphertext: 30269e99 4d70c5de 7b0bc631 a96a1458
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: ad97ae34 49a65961 46872c23 08a85a00
 Plaintext: 7c241f66 85111245 83d76a6f 8498946b
 Ciphertext: 633b6cb9 00b390d8 d1bb84cb d84b9ccf
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: 012ddb51 d216a550 3b1632f3 69930aac
 Plaintext: 440a7ce0 23b8499f 991482fd e6069cbe
 Ciphertext: b2b21944 81c5becf 091d3c08 ee6d1749
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: dfd8192b cab7764c 12632c23 95c96b55
 Plaintext: a72c2040 1e652249 6ceb83be d90a2816
 Ciphertext: 0416aae7 302a5219 cd20a3b8 6d879c22
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: c3fe465e dff5a38c 308bcf68 a6d45ba7
 Plaintext: 91167a4b b9641eb2 15195841 f3301521
 Ciphertext: 36d1dd06 e42c583d 9aea8e58 08ee2f3b
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: e7365921 729a2e4b 5e9e2d42 6b53c079
 Plaintext: 9fd5fb98 d2de3459 42cf3edb 2104e849
 Ciphertext: 60f3dd59 406e579e e45a2191 526c5693
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: b880a315 e410aa2d 9d8686e4 ac033a6e
 Plaintext: 05251c25 354ded83 67d50c4c 4a73b66f
 Ciphertext: e3f879f5 8b41baf8 8b458da7 04343a03
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: f0cb7d27 58d7ac44 937b882d 526fb9f8
 Plaintext: 088ede84 315ef415 2e2e22b1 8b45e765
 Ciphertext: 4ff2532c 66a12b2e 869f476e aab2d53f
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 128-bit key
 Key: 28b841b2 9a5e552c e02170c8 fee72a87
 Plaintext: 0fc61c4c fa1db413 9d007659 39df2ba9
 Ciphertext: 6fd504e7 091aca2e 32c88718 3e40b4a4
 Test: Encrypt
 #
 #
 #
 Source: CHAM paper, Appendix A, test vector 3
 Comment: CHAM-128/ECB, 256-bit key
 Key: 03020100 07060504 0b0a0908 0f0e0d0c f3f2f1f0 f7f6f5f4 fbfaf9f8 fffefdfc
 Plaintext: 33221100 77665544 bbaa9988 ffeeddcc
 Ciphertext: a899c8a0 c929d55c ab670d38 0c4f7ac8
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: 4031c291 53a38799 8e0a6bad 6098a6c4 e4a852f8 7daf676e 873c3524 e1527db8
 Plaintext: aac76bc0 ec99e00e 9648a939 1a37c8db
 Ciphertext: c993c682 1545b60c 456af36c b97628e7
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: 0c7be271 0ee365ff 061b8e43 5dbc63e3 52a08866 634223c9 8f4bcc4f a1223aee
 Plaintext: 49eec4dd eb938769 a359a6bf f69353a9
 Ciphertext: 6252cf6f 6524f0ed 0b3a272a 33827bb4
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: 90c69c18 8fcac90f 7c061078 036f3279 5676641c 40358d9f d74867ca 5debd8fa
 Plaintext: c27e5d18 985bd57e 25b7164e 5acb6ceb
 Ciphertext: c7c15e12 2287fd3d 45875c14 629a042c
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: f7bae93e 170bbccd 42a1d993 a6247a9c ae609194 075045fc 95b22ad9 59e16c9c
 Plaintext: 87cc88e7 9f159afe b2e8967b ff1ddd8b
 Ciphertext: 0887e541 4b68e67f a46d19ff 948290b6
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: 15747f3e 359c8462 151d0e6d f06abade 06f246e1 c817332b 1fa9102a 52263db4
 Plaintext: 5c11eab6 3fa257df 7da90d0e 1bf46991
 Ciphertext: 3cabb22e 79c7ad8e d502abf8 74e7d3bf
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: 4c70d578 34042fbd 8f4b7c40 89ac864e 1dee8bac 4093f375 308aa073 655098f1
 Plaintext: 68c7097e ab6c6043 87d2bc67 41dece87
 Ciphertext: 362a9742 dd8238a8 d916409a 4a3c11a1
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: 073359a0 5e54c5f8 882ef21f 01be08d5 7d5c5b87 533059a5 204e2bcd 5652dfc5
 Plaintext: ef94e8fb 7bf2aa7c ac73ef0a 294ad1f8
 Ciphertext: 5914594d db44ba25 ac0bfc05 1b92a9fe
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: dc359e46 f5516d84 89885aee 191494fe 25350de0 69275496 1531e563 59f9e0ee
 Plaintext: d1c5fbd0 7d1e85fc 7922d741 6a5a44dc
 Ciphertext: bbe95a67 06b38ff2 898dfda8 41fe29c7
 Test: Encrypt
 #
 Source: CHAM reference implementation
 Comment: CHAM-128/ECB, 256-bit key
 Key: faf3682d cf6e656c 53bd8c06 de0f7f71 678c5a2d 34624762 d88daf37 21d5ad6c
 Plaintext: 55b32441 7a787fbc 41b91ab2 9a5bf734
 Ciphertext: 2a7dab0b 6769e989 61578998 7e4be9a7
 Test: Encrypt
 AlgorithmType: SymmetricCipher
 Name: CHAM-64/CTR
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: e6b1 552b 7d53 c0d9 8c7b 18a1 b2ef 03bc
 IV: cc03 c902 5780 5f72
 Plaintext: 83d2 797e 69c6 ecd4 8fce 53fa c686 6389 d3dd e2b7 1f4d dee0 5cbe b3b2 2064 f8e8 226a 5f52 08ea b683 bfc9 ce0f d268 036f 94f3 60d4 8426 8d2e f8f6 c70c f4a1 95d8 5a4a e07f 1bc8 c339 4420 ee04 1460 9995 727f 284f cad1 ad41 9c48 9c8d 8bf4 9ef3
 Ciphertext: 0fee 544d 6d11 f5c6 44b4 42b6 9513 1617 ca6d 4036 7ffc 5ee0 6312 5896 3012 6b3e 67c3 031a 0c57 1dce 4be8 7888 cbf5 b12e 4b9c 503e 1cfb 76c1 31ba 5b4e 3673 5e1a bd0f d733 4736 1668 f040 f74f a9c7 bdbc 1fda 5e1a bdec 952b 3f64 9750 c7e8 f11c
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: 780e 51d6 3741 ca88 8419 7f61 8062 2904
 IV: a7e8 db3a 9264 ec0a
 Plaintext: e7ef e7b0 66df b955 580f 6575 881a 06a2 98c2 9f13 40a7 0121 df40 567b d4ae ba67 0446 944e 1cf8 1efd ce4b a7fd 139e 35fd ffa3 ed21 52db 5bb1 0332 4843 6903 5c28 a1c4 70db f7f2 81b0 6d7e e754 448c a220 3a38 6f30 d6df b5dd 9db4 9426 1c15 7aa4
 Ciphertext: 0b95 d934 ea2e 9a67 d37b 8f0f 2d91 7c3f e1bc f6d9 7ef8 a7fd 1ee8 34c3 2cec 7a6e 502a 840e d48e 1f9d 4795 c57c 4ec2 e762 50ce 8e25 e5c5 1b5a 00d7 a203 f453 63b5 d5a1 1c81 4a7a 21f9 0e1e 82ef e41e 4bb7 5b7a a273 164a d8bb 6a9c 76e7 0206 6131
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: def3 7285 6fb2 9ca8 37a2 15d2 4190 c3dd
 IV: 2d70 2927 e2e5 6b90
 Plaintext: fa0c 3a8c c423 cf46 d8ea 9fb2 2b06 bf16 76ce 84c1 96d9 0795 c09b ecd0 085b 584b 3885 1684 8346 d510 7ad8 d7a9 519c 3b3a d681 3ca3 4e98 61c4 8ff1 142e 2064 33d3 5e61 dd63 206b c4e6 9008 1db5 0abc 249e 4e96 77a4 2764 bce7 dc93 e291 a058 d54e
 Ciphertext: dd2f 6c48 f2f0 3915 1be6 9c0e c0f9 510d 1640 de08 152a be0f 4a07 abf1 01ee 5bda ffa3 a59e e22e 1953 8c3e 6cc2 b9ea dfe3 d721 9a32 c4e6 49c0 cfb0 7f1e ad69 9c99 03be f145 c958 d917 d0ea 2503 ec08 ab39 4390 1afa 2e5c 3c13 557c 243b ca75 a703
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: 646f b394 917e 6f3e 03f3 f14a 4bea 460d
 IV: f92d 20d9 bc67 75f6
 Plaintext: 83db 8ccc cc49 6c58 55fc 79fb d0d0 52b5 5b7a 9378 9d40 e281 777c 0ecc 3c82 99ca f513 ed1a 7740 d0ea 535a 76b6 2f43 0dfe a5dc 937f 878d 95ef f07f 7900 fff7 7c00 e24f 9477 e173 486c 26ef a74b 228e 0f28 2dea feb0 069b e877 ea11 017d b47d 5a79
 Ciphertext: a28b d8d4 e2b6 f076 716d 5769 46de 6fad d74a 3438 dd55 c72b 282a c910 0808 c0dc a421 9991 6f45 a3d0 8d85 864f dfc7 8b4c 69e0 ebbc af39 1a7b d620 5a85 ce9b dee6 4cc1 b88a 742e 5907 ad01 fac0 31f7 01bc 0213 3c40 b2cb ab50 00b5 6ae3 b7c1 3fce
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: 9698 a9eb 7003 b35e 47c6 0c0d cd55 fd4d
 IV: 96c3 a41c 421c 955d
 Plaintext: e7a4 ccd0 0c2d 1f30 e329 1182 dc55 7f92 5e1e 4df1 a77b 4626 09ba 7541 d1f7 6b64 48fd 4cc9 4539 736e 4066 a6db aa62 9617 d3b5 2d14 e414 3981 a911 85c6 93f7 cba4 2976 3ca8 d3be f5bb 6437 ece5 68b9 294f 2ea0 dd4c 3054 b6d0 947a 75d8 9d11 cc78
 Ciphertext: 28c8 d228 36f6 0e5a d9cd 7a8a 8375 3bd6 66e8 beb0 5d64 7d9a d309 d89e eaee b4fb 41e5 d199 c70c 7e33 271e a1ba 8160 e4f5 b720 33ef 96b4 0467 e52d 791a 1983 c2c5 88c3 50ef 9b1f a465 75c8 92c5 9f1f 4715 8c7e d6c9 ee9e d073 8c00 cc9c ce0e 77f5
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: 86fa 2b6b d8fc 8486 0c11 f1c2 5b75 ed8a
 IV: b318 e5c2 5583 338e
 Plaintext: 7860 ba79 52cf e4a4 cc26 4aa5 71d9 7b2e 9273 9a86 38ba 2bec 3ced ddf8 01ed edd9 2786 6e13 e1a6 0a89 92ae 2a09 eb91 c0c4 0006 0a38 3b7a 3ab5 ec0c 9f1a 33f3 e10a 2b75 6f52 8393 31fd 89fb 9697 cd7d d6d3 c33b 988d 9889 dc01 53cd 2f20 be29 811b
 Ciphertext: d7a1 f7aa 05cd ce1e 2fcb af67 20eb 1c10 0cb1 45ad 7873 5e7d 0798 4efe fa17 cf54 cc7d 7df1 ec9b 992a f396 50ca 444e 7c98 0608 53a3 6114 d3b0 ec1b c375 6eef 246f e1c4 905d fedd 4df8 c3b1 f177 b948 822d 2243 7311 0d4f 3e8d 95ae 32e3 4457 1edd
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: 5ea8 a98f 6f23 329d 6a36 d40e af1d 2d07
 IV: ff5f 72e2 b9f0 5565
 Plaintext: c4c3 1942 dcc1 40a7 00a4 41fc 4be9 d17a 1e6a 3a9f 7bb7 7d3b 7a94 a9c0 5dd7 4608 c98d da75 d556 8642 fc98 a0b7 9482 8849 7c0b 80f1 bea8 fdd4 fc73 aa52 3edb e09d 4414 4952 6831 fa9a 5b48 45ac 0e36 0ce3 a403 3089 b7f8 99c0 394e c429 c945 98b4
 Ciphertext: f93b ed37 941f ece2 1a89 d7dd a11e 8c51 e239 e5fe 70f9 15c8 ac4f c647 60a4 144c 5bd7 4598 822b f4de 3c5c 089f 503d 06c5 bcdf 258a bfa6 c53b eb6b 373c e03b 7438 e626 138a fc4e 3962 352f 33be 7e05 8357 1268 d621 4bc8 5926 737a 056a 8417 5504
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: e764 1ae3 84bc ca20 88ab 0eb1 8cc5 cc7f
 IV: e1ee 11cb b0de 4400
 Plaintext: 0a44 7fdb 4dba 1167 c521 1521 5637 d376 3bae cab2 ac86 b087 1cf1 44df 4a43 e77f fd74 7687 ee78 d418 60c4 20ef 9ee9 0fda f972 a4c8 3012 56db e159 75cb fc8f 5d16 8f37 749e bed7 b321 5357 998c d35c c3d3 00f3 7038 2aae 386e bcf8 bc0d e2bc d331
 Ciphertext: 9597 b5be 01f8 6981 098a 3f39 9b4f cfc3 27c4 4b89 778f f2f5 2327 c822 b0fd c49d 84ca 1bec ec16 03f8 5031 39ee 9276 41b0 f086 f2fd cbd8 0d09 a6d7 bec3 5112 6f2b 153b 0ab9 92da 8b4f ad6a 3555 7a59 9b65 311f 5277 b50d 4280 7c04 f663 eea5 9d17
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: ba7d 1f51 ccd2 1431 e906 310f 981b 66c5
 IV: e41c 02a2 0889 1101
 Plaintext: 28d4 c1d4 ccaf aab1 da91 785a 4b78 a976 6468 b2b9 7422 94c1 aed5 793a 85f3 559a 3720 9197 319b 6756 c8bf 782c c0e4 5297 421e b1d3 8837 6a44 32fb dadd 3a0c cccc 2007 d464 17ed 1743 32c4 771b 27c5 afa5 804b feb9 5e58 cb91 137b b931 bc5d ecc7
 Ciphertext: f22c d112 f7f8 ef29 c47c 45ad 10a4 d781 1138 110a f9ef e229 10aa 1067 2bdd b937 c904 79df 776b 49c3 e52d 6e6a 1cdd 8e1e afb9 f3d5 7278 2083 777e 931e 028a 27c0 fa73 4bec 8114 0dad 4e8c 2490 223c e557 67bc 07d1 f135 9677 da11 05e7 e09c 4473
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-64/CTR, 128-bit key, 12x blocks
 Key: 9b58 14a8 d670 c7ce efbb 5e8b d970 9858
 IV: f410 81e9 16d4 704d
 Plaintext: 032a 730c 0ba7 1b1e 295e aa2b e229 1bcb ac2d 647b dde3 b1d6 e928 8416 68dd a420 0721 4f46 ab83 0841 68cf 27b8 170f 840b 999d b682 e602 9ce8 b325 caeb 5147 8864 cf38 8a04 56ae 5bf7 f9ce fc82 eb4d 0c03 623c 9870 c5c1 c633 e2ef 4c74 b38f fb67
 Ciphertext: 9a4e e2d4 e282 8196 ef45 9e91 60c7 9c1c 2bc3 b165 090b 9fe4 b128 dff1 404f aaca ad6f af95 c545 b574 65d2 6170 9e49 315c 494e 1f62 7090 993a 84c2 be20 f269 450c 9c2f d490 97db 6b72 0bd6 2eb8 271a 8588 f59d 6b7b aa20 25b1 ad39 8997 a7b4 9639
 Test: Encrypt
 AlgorithmType: SymmetricCipher
 Name: CHAM-128/CTR
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: 23dec910 8674de3b 42d4febc ebac3ce1
 IV: 434d3806 61578dab 9b8aaa69 2c242a3f
 Plaintext: c0933ebb 71c2d940 5f791cda 6c89ff00 9a85507e d696c654 184c5df1 55836873 026b8e7b 5a2497ab 0f67805f 00700588 53840541 b59e0ea6 d16c5798 7458b715 6dc1c5f1 38d2f6d2 02652957 edd26b64 c711733c b772c1cb dfe376c0 4e37d724 4699ee4f f66152b3 76eb3fd3 8f094e03 fb47286b c775073a 9907361c 8c517c10 959a867c 20b11002 34485076 5bf8bb83 9fdd016e b7221cc4 32533042 612a39fa edebeecd 20b14ec1 6c0b9075 03496693 010c146d ea7c7f80 92b1d4bd 4d209707
 Ciphertext: 75a7c6a7 6b72d94a b083627b 0d5cb98f fee0e34c adf15e52 6348f350 4e1ab4a2 a9de3226 2f4beb61 01f544ab 3ad609cf f65c1ffc 24d7f132 0d43aeb2 7ff715cf 26c78de4 6d6c3c9c dccab249 cec4858e b1e27ce1 2b4f455f 5c5bf433 c4010664 b0b9f2d0 b3d765c3 fc9b914d f463ddfa 8941880c c728841c e18cb64f ac9a5018 2ac7920a ddc0b973 98fa8428 8a4d19aa 7eebcb4a 0470c8a0 ef10edeb 68191a86 c39c48be 929c00ba fdb2d807 89d6beb7 9037bcd1 0eead8c4 5df80281 d4275481
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: fc461d9f b81c669a 2dcd9b60 dd0dc803
 IV: 3a03a72a dd47db7e 371ffb90 1ecd7ef4
 Plaintext: 1df4d2e8 e9b59fbd c710ea90 7ea88dfa 1a05307e 8d883c92 f5eff3cf d8eb3dac b4e1fffd be4bb41d 2ad2851a 21f80ea6 e52a3c36 68eb5ba2 6be06596 ef25d7a1 f6b422f1 ce996156 2623e690 f54b2163 ee5b49f1 cf5afebd 88bea2d2 619d8861 3ed4c062 bb1dadf4 28ca3301 735cecd9 ea77113b 31ac1736 8ac8dd46 b1d6d677 312e5318 e84f0036 83133f06 82114d09 448bedcc b134c209 2f5ec84b 6019563e 524f00ed 22a33d84 2976d662 9a46cdec 1911acec d029089e 0c552e22 6ce69283
 Ciphertext: 34d5eb84 1a736580 030345f0 dbcb1347 05f02931 954c6fdc 0678019e 2dbad83d 4811b8ab 29595196 9e533b24 278ed0f1 df7d7578 efe356b1 e813abef 148c2560 38fcbee3 6cbcef7f fc0df407 867e7031 9e0b1dda f5501321 a67c22ed c43ecd72 6f6e6c2c 604c3516 bd1e726a 442eb1bf ffaa884b 2742b064 56f7b3b2 36cf6fbf 777b3ce3 f253c05c c882ce7d f4be285f de75d1f6 e0c336da 4bf90ce9 0f2ac558 fc0308c0 3c82176e 2a34b65b bea97726 05ad2e86 58e47259 e1e45834 6947fd40
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: 82e9a10d 1275c400 ef4b1b7a 09c9a74f
 IV: c8af984c b4c6c76f 17a2bdce 755d304e
 Plaintext: 0b68525d b1bca784 3ef3e525 53c26903 48ddd25b e57587d2 7eaa1ae3 961a006d f3a86cad 0efae3b1 06986845 820b3ee6 4a2bfd22 ab0785ad 923a5c17 551dcc0d 95ca064b d6735935 26a46210 3e3ae41e aeb4b483 d096b043 4d5a7641 5d1bad27 2d211a24 6b862534 aaab034e c4da88c7 5fca22f1 d535c1a5 73f58b5c 083b6720 a50bfa9d 900fdf55 43bb9e36 a0134bd2 42257406 11c4ec3d 88e75774 4a418cc4 1fca2198 814ed5fb cddcc438 0e9438d0 cd421f15 7295de50 72dfc2da e8f5ff6d
 Ciphertext: 376d284c 6c3c8b99 67a2d66f 61a9f51c db6f06e2 a4cbda9f 6f48e1fa 695df3cb 7c0563da b6810ba0 291cc0fc 48d337da cbaf9363 9bce9399 7635dc4c 3ad49fd5 f2388208 da515f23 af4177b9 2be7106d d7cf8b5a bd5bbaef b2c8b5da 6610dbe4 65ef3e7b dda5425b c1fd36eb 98f9924e a1fddd39 c9390a3b c8886349 58a66f72 71162967 e9eac4d0 1f0212a2 32ff7b07 643839f2 dd87e6f8 410b4bbe 2afc5d5d 93f040e0 f4f74ad8 c498a1e1 6567520a 8ee926ed da431740 a4c7e2e6 e8f6408a
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: f6c062fc 108d2c2f d5a50b83 c7c7982f
 IV: d0c429d8 fcd33338 6c702644 fcfe6f6d
 Plaintext: 4bdd5fc1 c43f4c91 ea72162b f57a4ce1 58a599d6 c1dce0b8 6d2d853a 870e62d6 e173e45a a6f6b83b aeff7994 271b14ba 8e7b9d3c 792a3cf5 c86cafab d85e126d 7b5eb348 f6e56c92 f56c87bf 8daf9b83 2239af83 55693192 6f7571b1 e9788d2f e8ed3a51 3ec51868 4651cef3 406c460b 1c53a133 32a34441 4429fb6f 0955ae2c 59905104 5d5c32b8 381d0383 22065578 34e9e5d4 7450f0ba 30ae8b2c 8543699c 3e470912 dcd2c277 e1360e61 ba6b54e9 3d1a04e0 223f1e97 bcce2ca9 fd519ead
 Ciphertext: f7d445cd 34467e43 64ca1cc6 d0f24671 91653b80 af0088cc eaaf9813 dc78fd96 6e66484f 02e2e364 ecca13a6 bda61d73 41ada198 97ac9657 fb928e06 95938089 2ce965e7 2c61620c 07b5753e dbd7fce6 81eee3fa f9b06db3 62a8b4f5 1ef865ac 8f7a7459 f74511a6 31a8e6b9 b8fb7628 5d1a1877 40a49e26 4fd3431c e9bbc8ed 2eee705a 8754b6ee 1ca2bec7 89956c0b ee263189 27edfa9e 4b833f84 156e849c 667516ec 079ec133 a95e6796 24f038b0 99b85ae9 c62790e9 9aef8174 ea4279bc
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: 14fb7484 293745d9 0f08dfdd 7d3f3859
 IV: 3e75b2dd c7b6535b 7112f3a3 74ac168a
 Plaintext: 89c9ab04 33889947 d884a83b aec53b6c 8edb3252 f22cc855 41568a29 85e74315 f74ff239 26ea2257 1a238f6b e9d1ec9b aed292bc 90461768 c0366887 37cf993e 6342586c f354649a 6788e975 d5101a3b 2bdd15bb 1979a4a5 f2feb25d c15e733c f2f1ba8a f7c588fb 8180b2b7 4e82e594 f24079af 95723dc0 e432b5ae 4aafca0e 681fa34d 5f528f82 65471ab1 c1a693cd 329e3e8f 44a7d6a7 3c79d8e1 a5fcc265 660094ad ce7dbc2e 90e3cd1b 31a81a0a 0a32863e 802ca77f 37eb3df4 504faeaa
 Ciphertext: 2fac7901 5eed4454 9ed10dee 3bc54894 9d4142e9 368e7ef8 65150306 0ec2f565 d076825e 99812af3 faa153f1 a91153f8 6879b930 7bfd1694 f2836807 5ac59a32 ef1cbac9 138bfb52 1162d688 80184e88 8e40c68c c09e64d8 db1abe25 ca7f42cd 928f2b72 e8334753 86cc940c 54cfd1af be19b2db ee127925 96bc2620 03586adc 6f9d4ab7 662ae5cd 8c565b58 734baff1 6571b94d c92e450e 3bbbdfd1 d0a343a5 9e3ac0cf c2337f70 79ef31ad b7e73450 0aa7a275 765b7e88 130fea0e 0dc2f215
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: 31b86567 c7302957 b4160c07 bcb5aa6b
 IV: da46754d 902b8ce0 3fd9bbd7 2ce9ece3
 Plaintext: 4802c9c1 94442001 f92c4c3e 6ddcfdce d963854b 1d424dd0 f1ce0349 22d46530 df08dd73 203cc894 340195c9 d296b29c 40a3332f af9371f4 fd92e705 c595390c d97c492b 07ae6363 905fda00 27ef73de 473c1da4 02f22a7a dc97286b 31ba51b0 57eed375 31721843 b6fe0b51 e5e70e49 cd4f6c32 1744a0e8 839aad8d bbfce47d 6c989ed7 52a9f0f0 5572ba21 4c87c4f5 43cddb10 682bd7bc d751ce6d 460deb21 d8d95b84 ff0ebf8a 393f4637 87964588 f0425c77 fc695a60 d8109f72 0f3c619f
 Ciphertext: 77e302cc 9b055d22 ebde92e4 edd8511a 8683b658 06bf04fb f15f12ba 12b21aae 2f22dfef 7fe19470 1e969e50 f9e90757 a9f111a3 a0861ae9 193210af 18f1db92 b4690808 2ec1dd37 cf301380 541a9688 659bbb3c d3a4e5b2 95531c1d 33a1501e 0a0ac3a8 36de3795 854dd9ed d0068afe 4887eda5 1779d286 8372b759 7b00eb1c 257ff5ff c44d3012 1bd0be21 849643a5 3273ab9c 51d537d8 ba776686 f16ea201 8dbfd9ed 781308c8 906899e6 bf611041 f1658671 b417b66c b77da2eb 5f10dfd6
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: 963980d9 d4bb79d7 94e66a4d 27659caa
 IV: fac948a9 72c9affe dededa37 f2f69bef
 Plaintext: ad764329 59837a88 cbf55791 337318d7 5f5cc7c3 0fb7af70 7b1df4b3 f9f38326 bdbd79ec 003ae0f7 65cd816a 619ae4c2 ffbb67bd 41a24d9b 1487944d 0a89e96b 521e3d79 b61c8d7d c8a93f06 a00f3609 904dddae 5272bf38 80049dde cea06df0 f613b773 89447b6e 5cfe6aae 7cbec61e 14ea4b06 b1e1b6ba a03f9daa 11aed9fa 7bb2c9a8 95848b7c 17bf51a8 90a2ce57 7e07028e 479b2b0d e1270007 e6f92685 91d41a7f e7eb0e3d eed1f982 ec79a60c 45da14ac d54bb210 86d608a3 20d220f3
 Ciphertext: aa250d3e 670e123e 22ffea33 dfb2905d 1400f11c 2585cf16 4c7670c3 eb6cdf20 d2f93bf9 e4744080 6065ed66 64e0363a 9b822bae 31de646f c21a6a05 7141a997 bd224629 589cb2c4 808425f4 66a79039 81d74426 e58c2c31 a277130c 4fb7ee55 ec4530ff a2d34348 321f9047 c6206faf 5fea5d5e 4e78424a 344de9b4 783f774a 27f8114d 8ca54374 ed21066d 9dfdd20c 95adbd17 6924e06c 48b70fcd 91e4bc41 c2fa2c13 974db72e 5c0f6ed7 a07edfb3 c9e510ca d27327df 828306b8 950887df
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: fcfd68be 11b1b06d 39a46c27 44fe777c
 IV: f5ed9c88 eafcef72 53fe7636 a04f31e1
 Plaintext: 64ca825c fd30e627 2837c74b c9a9d02f f6de22c0 0681fca5 713be64c 476d3dd6 e30210ff c079fc02 f2610286 8ca6c5f6 f5ffc546 4efdc057 3190aa37 397cfa62 f5ca85d6 af3dbc58 506b22d4 983e4446 79df845d 63341937 48d6aa92 dc337df7 fea769f2 46f1e6b0 2cceee82 40665179 180f2dc8 b2acb95d 1fbbc53c d7aef559 a23d6a77 7344a813 95947e71 2b76b01d 762e917f b0123a4b 35974b7d c9480923 926328e1 dc907e48 7139fb74 ed7d3b01 1bf1027a 765fc81a 63ee2759 174c5011
 Ciphertext: 71a98d2e 4a989593 a313eca3 3d057761 b8fc9d2d f304d929 290c1aba 10784032 ff4faee1 f72a66a4 bdfc6f31 6999a4ed 7bafcd1f ece025cd 170b8ea4 d3d78d46 f76ea5fd f2f75f11 c9caf788 776ef9f2 4a2467bf 49e09a47 81da4f6d db289359 50924cf5 f330421f 22f24e9a ec31a088 ddbf42df 6e88e77c 3fd6ce2b 808ebd5f 41627425 883351c4 62bb3e03 31efe098 b11c4a9a 66f1edd5 3f56aab0 3a12b342 442def57 c1a6981b c803cbb8 e743d1c2 bfc531a4 0e799205 dc00a1a3 c01eb932
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: 56ff616d 24483b2f 9a7b074c 704e5dce
 IV: 397bdaf8 42c68f71 4f748876 bda823c4
 Plaintext: bc6a122d cdc241ce 10262936 92903f3f d005e306 6ed3a8b1 be7aeaf4 786916e7 9f765b2f e070c7d2 232120df e062b6d9 976c6b12 4a3c7f32 5c7f5e27 82d17721 f33d639d a9888a1f a54d2965 2ddcd529 30a660b0 5e66ff66 2eae222e c9e00bb2 9a32715e cbf9ea31 8e05e645 54d41c5d 95525f3f 70810220 19e178b3 e58a0518 cb0ae62f bab3fc4c 74b80709 77d12bfe 33382286 d11222a5 235a8394 0dc4fc02 5225313d 198eb9e9 f88cdf47 95c1142e f5360baf 36d504a8 c6d703cd c1b7f9f6
 Ciphertext: 6d17568a d59cb53f d7fb7df2 1e321883 a64639fa 47bccaac 40f1ed03 19b83c45 94b2b509 694c8cd0 738ae112 727731bf e12a820a d9b7fe3c a70178ce fda1aa95 39d415aa a5c13573 0371bc98 d2d79380 59ea46fa 7b18fc14 8eb64552 bda9e32d 086acb5e 1af710ec 2242cdad d46d5154 f540a599 5ff208a0 bf3f8050 dadc74fa b4895f26 936f0c49 16deaaeb 057cd67b 87f0e969 e8a49621 334556de 790ce837 6bd86975 2a61e34e 56bdcfd6 4e0ab34b 6c58ec41 8b0f171a a90fe529 26c65f66
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 128-bit key, 12x blocks
 Key: a251ec29 0a9ff830 87dadded 8dfc0744
 IV: bedeec77 f8cc7338 3bd8ac73 b0a18d36
 Plaintext: c7281e86 9b410cd8 24a4fc6f 940a4ed1 c77c8bc2 e059f3fe 03b5a764 59344464 8d14fd94 13d98caf 750fbaaa 4f3929e8 d871ee00 4300d34f e8eb370e 6e9fef00 93d7d49e 8a713a6b ee8a73a3 556c5de8 1e1285d4 58b726ce 243cbbd5 9bee5f12 58aaa7ab 3edf1a89 05c85883 57ac2a9a 7efb5c55 df38f6d4 1401415c 3b94c741 c829a1c4 67d05b5d 9484ec12 484278a5 0219d02f 6a29f9c9 bcf1cf85 b1a81812 b358059c ec54e04d 775112ab 020d8679 fb6eb18a c12c8a0e 60a5cc72 994d528e
 Ciphertext: ff5ee3bb 18191e20 874804bc 5ea7b114 b0f86e2c 0621de5a 0d230028 fe6bf86d 914a1502 27c1d905 db521d60 4f80ed6b 448c6b69 94e95227 b05e18fc 03c09c64 079259f6 e7bc579a ba6e6cfb cbdc007d 3200b369 98c50dfc 8294f8bb f8d374d5 fe975f2a 42296603 c81b5144 89dd15c2 e2402725 dc3e3f14 866dd2e0 a335b17d 68a97880 7af4a63c 996a6328 057ebfb2 3d0c21f2 7c31adbf 2ec6db04 77835d08 dd152e20 ad99957a d6cf8d32 61b391e6 a74955a9 4ee12d70 2540108c 8a13ed26
 Test: Encrypt
 #
 #
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: 5c2c26ac 7db54247 df0cbba7 996adacb 96832104 eaedf84f 149f410f f412301a
 IV: 873daa9a f2d54617 f6061954 06bfbc72
 Plaintext: 5657319b 388d8acb 0cde35fe f2d98570 d34eec3c 8c70be95 708d6688 9722887b 1167d228 d68d6fb8 4d0a488d 3724615e 93939b35 8788783f 6803176d 9f035b5e 4f9f8ac5 d17c15ce afd7c3f1 6b2427bb 4c9e3c98 d240d7a8 831335ba 2ecce959 0c2943b8 1c71a5a6 ed6a727b f28d15d8 cea83589 67f481af 0c531451 86f20c48 57a30027 7af11465 e95226cd d20ea7cf f7c59f0f 0c622d2b 75399583 5cfe785b 28964af8 fa257b51 19300a99 769efdfa 6a106d7c ce4ce6bc 562b85ed 59d05f70
 Ciphertext: fc529b45 ad5ee616 ced8872b eb92d95c 938d270c dd462ce8 694f9141 e1671fc2 5629e135 678f286f 7a723b4e 91b396a6 cc2460d6 471ed63f b871209e 56ec6e6a 322b9467 0ed89b48 28b4354c 3b41aba9 172973be 53d0e77c 79ef2cc8 06a1caa2 747e5d93 74b6ec6b e65ce20a 68246733 9ea48eea 91d8ce14 c31341a7 d9dd3653 b85b8326 b8e59576 95824d1f 4ec9d42c 16f88fb4 31ea0b43 a4675c88 b47cff33 908adf9a 6a873418 c9da9a22 23287cdd 1afbab66 a733867d 859249af 1d9ff223
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: df4081ed 165eb7b4 5a8e3d60 af20220c 8f9c3ba3 2c0fa75a ecbfea08 79f95d9b
 IV: 135b7449 136e9813 e115ce75 1eeaeaba
 Plaintext: 67f8955a 57cdd284 0a461844 7989696a af9961d7 9be62de3 83d7c0b3 527e5980 a28786f4 90010d68 c601d536 7292d001 950c44ad 83276c16 0e181861 7e13a51f a1661fbf 9f7405e1 bbb76759 ab58bf90 21eefa49 8171e655 adbb5df1 6c795180 c211053a 5dbc1b3a f84c8863 a9d48e3c 96267c9b 2ccc02f5 d6d8895d dcbb547c facb1103 7f635792 63b702e1 a2eb3033 c2894258 7947b443 301c9db1 8d7e988f 315ae93e d1d6caa7 b676fde5 423c7955 80750cdc 1d51f35a f83e78bc d37aa4bf
 Ciphertext: 16370609 1169208a 5143b810 3f21e266 3cc08245 5de5a2ef 1d41e2e3 4e602172 9653d1a6 c244f48d 67dcb98a 2a99c958 8697a067 1eff8ce5 4ac33551 5a1ce849 e846bba4 4009201c a1f4583a abde5cce 54f90060 47f3cb82 c6505650 126ead67 713cf104 27ac6fbd f652a6eb 41dea62d 3886b001 2a465bad 3e6d652c 61566cbb 53680ad5 04d32d06 90c5dff0 af9fc039 fbdafc1f 27b43141 0ea64e09 3d9788e5 185b2049 57c0453b c130693a fc6e4dc8 f8beabc2 85e6793e e8318eb1 8580cc49
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: d57edf2e 40360311 9d8bb2f0 4ae82012 e81ef354 4b655221 d6e80df6 174ed556
 IV: 17ff5622 e16675a8 72cd4ab9 dd1c5a4b
 Plaintext: 6e7e860b 8fa45f7b 8899f31e 8ec23040 73376aff bb6384e5 38eb4144 3118e104 31d21ed9 3763b55e 7da3f8b4 23f69cda 4cbfff7b c16c9d2d aea72bc5 36d2f01a 12de0007 231ff9a7 a9d13b86 85381436 5a06878f 0a88fb4c a0b14ea6 2609154e beeea9b5 c847e4e4 019d45b5 6fcb6d3f 73c9d3b0 d50943d1 a5f573d3 c268b5d3 e7de88a6 92b1d95d f35cce90 4052066c 3c526201 602fda97 1fafc915 b3ff6138 b25f1ae2 fb7fcf1b 38c806b2 76160dbd eeeb8f38 18901c4d efa884d3 d74115d0
 Ciphertext: 278ec7a5 d4e70656 71427c67 8966a01d 5ca231b0 43a86f5e 8c9804a7 24a68037 a166eab5 b56c1ca3 22d2f43b e3d4474b aa96382b bfdd4256 25db6839 70999746 a6494781 7db0dcfc 5ce14662 63f6f80a 5300081a 8d59bbb3 73c826a8 839467d5 5ea95450 8b6c3c30 95e0efc6 ffa56c55 1db19303 527c76b6 3963e978 fa658cd2 0ac98768 190ce717 7079ee6a 1a838919 c67d5d0f f42e58fa ca44dc45 6eebede6 eb3c5e0a d11222c7 36cbbe00 bff26ed4 a0ec26c4 188e2d8e c59ddf50 4b9f8ccf
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: 5c647fbe 6c1b1844 e30f4d18 f80880ee 41e478ff 92cafd10 8b034ae4 1d1e3663
 IV: 7569ae27 8065743d 2580fd55 50c1c762
 Plaintext: 0166edf3 84a042cd 83eed0ec be8d934d f1d3e640 028a8d71 500826bc 70d54b68 5e56ca08 fa811879 1edb8624 9df223fc b4ce8ab8 b4d0f6a7 bc8f2204 7f7e98cd 73c5eb37 137fe5a2 9413ee5b baeda402 a314378c 64eae015 0b7b6a63 1248df6b 70251730 e72c5683 a59d9019 6f4892b6 6adb55a8 27a92ca2 4a1febdf 88b49a8a 38eee994 261daf07 fd832735 5dd4fc76 97de3346 41aa7f24 27ffdef4 ab37befb 2b5f8dd7 12053488 c8e6a7f6 396b4dd7 d8f9f627 5a33bb35 67ad4138 9fe18563
 Ciphertext: 546f0fc1 ac7fe610 fb313716 8cf7d6b2 b43fdab8 2aa4383b 8d9cc4f0 2ea50d13 ab9da632 36ddb6f6 53b6b33d 779836f2 fce817a3 4d5cadce 67180b95 cd3cac1e 121b85a0 265a3df1 19991ba8 4a7f0b7f 65bdeba1 33729ea9 15d1b6da e5df511c b5d2df33 e0f1fa92 1f43d1c8 508c1a0d c974dc6e 6d75804a 04477345 0daad6d9 80fbed04 fa060698 0db5a2bf 14026b0b e40b2829 d0485c3a f5240794 5915196a ab20d328 bfac23d7 33aaaefe 7d7ca616 a8e0c76b 66206957 226f4d67 571e57c1
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: 3917caa2 5249c230 12023540 48f49e37 e945b2a9 f83de8df eb9a0780 555d57b6
 IV: 8c767f28 e36cd83b 26c2475b 019ed7cd
 Plaintext: 97ea851e 3c027751 4f88db02 4007eced f399405f 8c8fa6ca 539092f0 6d2058d3 e17c0929 19785628 f6b45849 3ad36cca 27159ca6 bf54f206 0c1a79f1 58ee3fb8 8c6b3d34 c377cd8d ae6f4bfa f10839c5 77e73123 a33ec7f3 31077bf5 5dc7e23d 37adfecb c53cb4e1 9846a560 31ed786b cff75a71 66239bba 5de00c7b fd67b01b 79d0d2a3 d1cb771e 7dd0e624 d40366c9 31d89060 30692eed 2901e318 ee6f0270 a078a103 d819ec34 6d21034c 7bf7208d e1aba0ac b39065ad d2a4d5f2 8aed7faf
 Ciphertext: f8dc6354 1de8d139 d96e4eaf 6f90eeb5 a22a5c7e 305bd2ff acf98aee bfa04159 3c3a4b15 179f7cc5 d47361a2 7f946a56 f0e27f8c dfeefa20 68338010 cceb4c1a bcf6b096 0bd5b867 ce9695d2 dc5eb9cf c0a0749a f3babc37 de777986 9f32c8b1 06704188 d611b337 e12f120a 3ff9bb94 f7d68fbd e910e4db 9d12ef41 4f06d35e 02ac6968 ed6f6ad7 cb7b6041 ffc78563 da4ba3f6 b260a5ab 5e90f716 ca124a83 a266d7de ae77aede 2416e931 feee402a c81e80b8 f6c9853a 6764f37a dc67f93d
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: 2bfc50e6 04f53f8b 6f86edd6 ea1f9a2d 13b515ab 48756872 66769762 c8a971e9
 IV: 0b4302b5 c5e7f81c ee8d0eb5 e6cf27e0
 Plaintext: 2897b693 f5a9e0c0 5e1e65f4 b5b17ec5 09919463 1906b445 58097739 f91c7f47 551424b6 ac4d2427 84dbe409 c00eac8c c52f7fcd f3e07d44 29fdfcb7 d8790d1f 1b6ffc46 0e2941fe be2c17c7 53b71188 149d88dd 17c0e10c 08a75bd5 eadcc5fe 8087b574 518e8900 e3b11446 e85ef7f7 db909b92 97bf0e95 62f94808 62af252b 031271d1 57f62068 5d50d4ea a84704a9 427642df 1902e4f1 fe5afdad c979a385 dde11816 dc6f2a80 aba575a0 4324c92c 6a9a4509 423224ca 32948c23 56d085c8
 Ciphertext: e1b89230 abcbee13 2c5e79f8 892a250f 31e400c2 7d4fc1c8 33a83f8a 4e117b06 15d90bf3 9034e303 930d2289 d1408351 f30a409b 9800ca6a f2a196db ecd845af 85519cff 879b529b 345ee957 8da5af95 be1560d9 79104f12 bebb39f2 82bfde4d 3fbe8ea1 2ec0a1d7 abb32d52 a4cbae5e c19e9796 e92a206e fb9a97e6 0c8d69fe 2290c4bd a09bca3c 8bc9576d 770d8b68 95c104da 688e7702 4b183042 343e0a70 047c0e93 1a93db77 9fe7af71 95f5139f b1cb961e f94db18d 7c53b059 da4b4ade
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: 919e0958 e4eca268 a70465b6 2dd627cd 08608737 fcb98480 c4908e56 7cffa4eb
 IV: 2005f870 b27d437a 1fa6e0a3 d714baf5
 Plaintext: cdb55ee2 86d6347e 484c3b03 a57deb15 34464cdb a8cfefbf 12242431 17c96cb2 0a3ef9d9 02a1766c 364c7e80 61c32b19 c7d91e73 5008e147 49c5ff1a c7d19ab1 013fa114 998d19ac e6d24f1d f0d7b733 4cb6de9c 44b369fb bc087b76 720855f7 706651ff 9e3e5ed6 2f4b0fe9 3823c836 bd828469 da93886f 7eb5c44c 63efdb46 a68f0a59 87528843 74b09104 bc1a1b42 8d9bccb1 1ed83f2c 02c2fd03 3c0f6fd3 bb021232 d4f8f2fc 674a2322 748d4aba d053c252 a4345c43 48b0f90f 3f92e3a7
 Ciphertext: 4f7696c7 c3aa9d35 51a7b6d7 ae244626 b1a94e08 62ab3ec4 52aa1a32 6ca89cda 6458600f 8da97df7 2da943ac 99f60e19 1598a8b4 8e542460 3580d2d1 3a4cc59d e9627617 5368ee26 932ce289 4a8984a9 778f2833 ec43064c 412830d1 b996daec aa72694c 89fefe8a 8e26e279 08958e02 2e218c51 27e880f6 8a5d6f24 44e66236 de9e5606 b554d185 e08949c2 1996dda8 8cef3dcf 84b8afe9 24acc1cf 16afe884 9729f18b ad608f72 9d764e74 40830899 962ba5b6 e39ae5ff 93abf2f3 dba7ecfd
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: 9bfd812b 2bbf83cf 10b8c4ca bfe7b164 6904a8ac 486a44e2 b3e387f7 96ecc103
 IV: 60183921 2a5380bf bef34ae8 d05b3b96
 Plaintext: f605bbd3 4e870576 39dfb6cd 264ee372 1692ebe6 d3a19181 99809ae9 104b37bc 4f3686e3 ee81a09a a7dc4aef 9f7f537f 8125d120 3855c97c da73f13e 02ce1e6e b0d6548e 44980963 54eb80cd 44fbaee8 c99af4c7 d2b1b458 10e45ab4 0b1a0991 392b86a5 a8b5c844 6c91b02a 4d30d8e8 879932c1 8108daff 2489e886 a0451756 7aed996b 7a2fb5ff 9873e89f 1c02c9a6 a558c0f2 9160de7d 9ab1b2c5 ff7708c5 89302017 d14675e1 3a879c73 fd74e84c 4cbf5446 014082b7 1c0ab69d 93fc94a8
 Ciphertext: 71aa7079 728664c1 673b8154 cd75ec1f 8de77adb 583ccf03 bdf7fd33 c4050619 c5bfbc1a 60a61836 386eff52 6d79ef96 c15404be e96b1109 7cec738a 7ebefcbc 73b4ea15 4227c1d5 7cb44094 f1622606 a5121b54 73201417 49b7ef19 0e6964ec 6177ac92 722587e6 8b7a798e 896dd1ef b1ebca39 01cd6a3d ed227d75 85a2a854 9d492f3b f562ae3c 37e45e63 4f05053e 3701064e 4ea56a27 cc6437bd af10b0b8 0d158016 68c1074e e4f7dd5b 7d47566e aa5bce70 0bb8ae45 b65703e2 8a480274
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: 6b64714a e8de07ba 7378f9c4 2f66aa3f 5d3e225b 586ed68b a8389fe8 d32f7d64
 IV: 1736d879 39ab2d79 e9361049 2c05f78f
 Plaintext: 48985b47 97bb2e88 fe3d056f 1896a028 e2519c2d 396d8d6f c1f7eb24 1ffbbdd0 d1f31a40 f9d38015 acb74d44 4c5ed2fc b6d743c6 93ebd262 fe65095c 512f7c47 a19d2cf6 8ea1bb16 305670ac 559c1db9 bc5d0311 624c6d54 5fc5dbc4 02ec794d 565f646f ee991350 648607e7 f10559ee 66f5cda8 57ff310e e1b0ca94 f7ae54c5 051ae163 f32b3e12 9db94c90 fefdd1a1 b8af57dc 801ddba1 ff167095 c873e642 3d55d7ba d76764b7 73bc3cea f4fb6e01 09a44256 894c9e07 cb98df92 707927d9
 Ciphertext: 955f9253 40764fb4 a3d25bb6 f9d06a47 25a32f00 90e67e59 390c3ed3 6b943fbb 2bebdddb dbbfa05e 663d3371 88385851 1cbe4c04 44400ad0 a7dd52bb 0d50ba82 f1c49402 3cbbf7c7 240a8353 1139801e 5b0a9471 f085f388 1608f87e 85a8abdc ebb9861c 081984c3 0e234a02 7ac597ca 4fb0bca2 10ca121d e780219c eb5e7d3e bfee2db5 c7ac9a74 a04371ad 4c5aca82 b71ebe2d 5f94ae97 df7e159b 7a00355e d19d09fa 1b8072ed 31f4e388 46b77795 778c8d53 aa16d840 85b9929a 3f9197d7
 Test: Encrypt
 #
 Source: Crypto++ 7.0 generated
 Comment: CHAM-128/CTR, 256-bit key, 12x blocks
 Key: 1815445c a3d10bee ec6d8662 a3cee6f9 30aea2b6 3030d1ca a9146b12 c0d345ab
 IV: ebb1f304 56195ba3 20c5f1ab 0823e481
 Plaintext: 61031ca2 c50d2e19 255b222d 317fa27f 003712fa c6dd0403 42e2e49e 32a7ad4f 5f2b0a09 309a7d3c 41b44285 d3ceaca1 2fdbab58 3b9c297b 9f5bd3fd 741fae58 d7d22101 2fb62bb6 d1f95de0 eb81d253 97b54dc6 0f2bdd06 f7760a3d b8dba50f 631fef58 f0ef81ed a4f57787 61b303fd b3161fba 33a307c4 a1a31f40 081fab1d 709e898a 14e6d630 e02445dc 6f48df92 44ca4146 2c29bed1 af735f76 a99cc71a 8d717d3a ff83b049 20df5319 006bd14f 8810cfd8 8a2addb3 2b834695 d8f717e6
 Ciphertext: 218e2d8b 53f4b38f 864f2c7a 9f0b3e0a 8042b185 d7452861 aebc2662 cf4aeb92 5b703728 9097c455 63fe424f 8fbc7941 f16f42f5 2bb99888 7f0465a7 5f05760e 82dfabe3 4cc729f6 3704da1d 949032ad a8d4fddd 26aff516 161bc3e9 41eac4c0 12d43f48 36f1e058 94dd2b40 966c6503 b44ff734 7cdb928e ff9b7e06 479a9b42 19f665a6 521a975d 11636959 abb66d82 b8781340 b05f2d6d 5ec6bafa ae435f47 fe2f8a70 e01b914a 853cdeee dfc9bb9b 61ec78a4 84134c41 473cc9fb ce163f1e
 Test: Encrypt
--- a/TestVectors/dsa_rfc6979.txt
+++ b/TestVectors/dsa_rfc6979.txt
@ -1,5 +1,5 @@
 AlgorithmType: Signature
-Name: DSA/SHA-1
+Name: DSA-RFC6979/SHA-1
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-1
 KeyFormat: Component
@ -25,7 +25,7 @@ Signature: 42AB2052FD43E123F0607F115052A67DCD9C5C77183916B0230D45B9931491D4C6B0B
 Test: Verify
 AlgorithmType: Signature
-Name: DSA/SHA-1
+Name: DSA-RFC6979/SHA-1
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-1
 KeyFormat: Component
@ -46,217 +46,13 @@ PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Test: KeyPairValidAndConsistent
 Message: 73616D706C65
 Signature: 2E1A0C2562B2912CAAF89186FB0F42001585DA5529EFB6B0AFF2D7A68EB70CA313022253B9A88DF5
-#Test: DeterministicSign
+Test: DeterministicSign
 Message: 74657374
 Signature: 42AB2052FD43E123F0607F115052A67DCD9C5C77183916B0230D45B9931491D4C6B0BD2FB4AAF088
-#Test: DeterministicSign
+Test: DeterministicSign
 AlgorithmType: Signature
-Name: DSA/SHA-224
+Name: DSA-RFC6979/SHA-1
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-224
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 Message: 73616D706C65
 Signature: 4BC3B686AEA70145856814A6F1BB53346F02101E410697B92295D994D21EDD2F4ADA85566F6F94C1
 Test: Verify
 Message: 74657374
 Signature: 6868E9964E36C1689F6037F91F28D5F2C30610F249CEC3ACDC83018C5BD2674ECAAD35B8CD22940F
 Test: Verify
 AlgorithmType: Signature
 Name: DSA/SHA-224
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-224
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Message: 73616D706C65
 Signature: 4BC3B686AEA70145856814A6F1BB53346F02101E410697B92295D994D21EDD2F4ADA85566F6F94C1
 #Test: DeterministicSign
 Message: 74657374
 Signature: 6868E9964E36C1689F6037F91F28D5F2C30610F249CEC3ACDC83018C5BD2674ECAAD35B8CD22940F
 #Test: DeterministicSign
 AlgorithmType: Signature
 Name: DSA/SHA-256
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-256
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 Message: 73616D706C65
 Signature: 81F2F5850BE5BC123C43F71A3033E9384611C5454CDD914B65EB6C66A8AAAD27299BEE6B035F5E89
 Test: Verify
 Message: 74657374
 Signature: 22518C127299B0F6FDC9872B282B9E70D07908126837EC18F150D55DE95B5E29BE7AF5D01E4FE160
 Test: Verify
 AlgorithmType: Signature
 Name: DSA/SHA-256
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-256
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Message: 73616D706C65
 Signature: 81F2F5850BE5BC123C43F71A3033E9384611C5454CDD914B65EB6C66A8AAAD27299BEE6B035F5E89
 #Test: DeterministicSign
 Message: 74657374
 Signature: 22518C127299B0F6FDC9872B282B9E70D07908126837EC18F150D55DE95B5E29BE7AF5D01E4FE160
 #Test: DeterministicSign
 AlgorithmType: Signature
 Name: DSA/SHA-384
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-384
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 Message: 73616D706C65
 Signature: 07F2108557EE0E3921BC1774F1CA9B410B4CE65A54DF70456C86FAC10FAB47C1949AB83F2C6F7595
 Test: Verify
 Message: 74657374
 Signature: 854CF929B58D73C3CBFDC421E8D5430CD6DB5E6691D0E0F53E22F898D158380676A871A157CDA622
 Test: Verify
 AlgorithmType: Signature
 Name: DSA/SHA-384
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-384
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Message: 73616D706C65
 Signature: 07F2108557EE0E3921BC1774F1CA9B410B4CE65A54DF70456C86FAC10FAB47C1949AB83F2C6F7595
 #Test: DeterministicSign
 Message: 74657374
 Signature: 854CF929B58D73C3CBFDC421E8D5430CD6DB5E6691D0E0F53E22F898D158380676A871A157CDA622
 #Test: DeterministicSign
 AlgorithmType: Signature
 Name: DSA/SHA-512
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-512
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 Message: 73616D706C65
 Signature: 16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C
 Test: Verify
 Message: 74657374
 Signature: 8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A07C670C7AD72B6C050C109E1790008097125433E8
 Test: Verify
 AlgorithmType: Signature
 Name: DSA/SHA-512
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-512
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Message: 73616D706C65
 Signature: 16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C
 #Test: DeterministicSign
 Message: 74657374
 Signature: 8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A07C670C7AD72B6C050C109E1790008097125433E8
 #Test: DeterministicSign
 AlgorithmType: Signature
 Name: DSA/SHA-1
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-1
 KeyFormat: Component
@ -296,7 +92,7 @@ Signature: C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0\
 Test: Verify
 AlgorithmType: Signature
-Name: DSA/SHA-1
+Name: DSA-RFC6979/SHA-1
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-1
 KeyFormat: Component
@ -330,14 +126,65 @@ Test: KeyPairValidAndConsistent
 Message: 73616D706C65
 Signature: 3A1B2DBD7489D6ED7E608FD036C83AF396E290DBD602408E8677DAABD6E7445A\
           D26FCBA19FA3E3058FFC02CA1596CDBB6E0D20CB37B06054F7E36DED0CDBBCCF
-#Test: DeterministicSign
+Test: DeterministicSign
 Message: 74657374
 Signature: C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0\
           414F22E5F31A8B6D33295C7539C1C1BA3A6160D7D68D50AC0D3A5BEAC2884FAA
-#Test: DeterministicSign
+Test: DeterministicSign
 AlgorithmType: Signature
-Name: DSA/SHA-224
+Name: DSA-RFC6979/SHA-224
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-224
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 Message: 73616D706C65
 Signature: 4BC3B686AEA70145856814A6F1BB53346F02101E410697B92295D994D21EDD2F4ADA85566F6F94C1
 Test: Verify
 Message: 74657374
 Signature: 6868E9964E36C1689F6037F91F28D5F2C30610F249CEC3ACDC83018C5BD2674ECAAD35B8CD22940F
 Test: Verify
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-224
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-224
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Message: 73616D706C65
 Signature: 4BC3B686AEA70145856814A6F1BB53346F02101E410697B92295D994D21EDD2F4ADA85566F6F94C1
 Test: DeterministicSign
 Message: 74657374
 Signature: 6868E9964E36C1689F6037F91F28D5F2C30610F249CEC3ACDC83018C5BD2674ECAAD35B8CD22940F
 Test: DeterministicSign
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-224
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-224
 KeyFormat: Component
@ -377,7 +224,7 @@ Signature: 272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3\
 Test: Verify
 AlgorithmType: Signature
-Name: DSA/SHA-224
+Name: DSA-RFC6979/SHA-224
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-224
 KeyFormat: Component
@ -411,14 +258,66 @@ Test: KeyPairValidAndConsistent
 Message: 73616D706C65
 Signature: DC9F4DEADA8D8FF588E98FED0AB690FFCE858DC8C79376450EB6B76C24537E2C\
           A65A9C3BC7BABE286B195D5DA68616DA8D47FA0097F36DD19F517327DC848CEC
-#Test: DeterministicSign
+Test: DeterministicSign
 Message: 74657374
 Signature: 272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3\
           E9CC286A52CCE201586722D36D1E917EB96A4EBDB47932F9576AC645B3A60806
-#Test: DeterministicSign
+Test: DeterministicSign
 AlgorithmType: Signature
-Name: DSA/SHA-256
+Name: DSA-RFC6979/SHA-256
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-256
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 Message: 73616D706C65
 Signature: 81F2F5850BE5BC123C43F71A3033E9384611C5454CDD914B65EB6C66A8AAAD27299BEE6B035F5E89
 Test: Verify
 Message: 74657374
 Signature: 22518C127299B0F6FDC9872B282B9E70D07908126837EC18F150D55DE95B5E29BE7AF5D01E4FE160
 Test: Verify
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-256
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-256
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Message: 73616D706C65
 Signature: 81F2F5850BE5BC123C43F71A3033E9384611C5454CDD914B65EB6C66A8AAAD27299BEE6B035F5E89
 Test: DeterministicSign
 Message: 74657374
 Signature: 22518C127299B0F6FDC9872B282B9E70D07908126837EC18F150D55DE95B5E29BE7AF5D01E4FE160
 Test: DeterministicSign
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-256
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-256
 KeyFormat: Component
@ -458,7 +357,7 @@ Signature: 8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0\
 Test: Verify
 AlgorithmType: Signature
-Name: DSA/SHA-256
+Name: DSA-RFC6979/SHA-256
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-256
 KeyFormat: Component
@ -492,14 +391,65 @@ Test: KeyPairValidAndConsistent
 Message: 73616D706C65
 Signature: EACE8BDBBE353C432A795D9EC556C6D021F7A03F42C36E9BC87E4AC7932CC809\
           7081E175455F9247B812B74583E9E94F9EA79BD640DC962533B0680793A38D53
-#Test: DeterministicSign
+Test: DeterministicSign
 Message: 74657374
 Signature: 8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0\
           7452A53F7075D417B4B013B278D1BB8BBD21863F5E7B1CEE679CF2188E1AB19E
-#Test: DeterministicSign
+Test: DeterministicSign
 AlgorithmType: Signature
-Name: DSA/SHA-384
+Name: DSA-RFC6979/SHA-384
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-384
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 Message: 73616D706C65
 Signature: 07F2108557EE0E3921BC1774F1CA9B410B4CE65A54DF70456C86FAC10FAB47C1949AB83F2C6F7595
 Test: Verify
 Message: 74657374
 Signature: 854CF929B58D73C3CBFDC421E8D5430CD6DB5E6691D0E0F53E22F898D158380676A871A157CDA622
 Test: Verify
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-384
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-384
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Message: 73616D706C65
 Signature: 07F2108557EE0E3921BC1774F1CA9B410B4CE65A54DF70456C86FAC10FAB47C1949AB83F2C6F7595
 Test: DeterministicSign
 Message: 74657374
 Signature: 854CF929B58D73C3CBFDC421E8D5430CD6DB5E6691D0E0F53E22F898D158380676A871A157CDA622
 Test: DeterministicSign
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-384
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-384
 KeyFormat: Component
@ -539,7 +489,7 @@ Signature: 239E66DDBE8F8C230A3D071D601B6FFBDFB5901F94D444C6AF56F732BEB954BE\
 Test: Verify
 AlgorithmType: Signature
-Name: DSA/SHA-384
+Name: DSA-RFC6979/SHA-384
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-384
 KeyFormat: Component
@ -573,14 +523,65 @@ Test: KeyPairValidAndConsistent
 Message: 73616D706C65
 Signature: B2DA945E91858834FD9BF616EBAC151EDBC4B45D27D0DD4A7F6A22739F45C00B\
           19048B63D9FD6BCA1D9BAE3664E1BCB97F7276C306130969F63F38FA8319021B
-#Test: DeterministicSign
+Test: DeterministicSign
 Message: 74657374
 Signature: 239E66DDBE8F8C230A3D071D601B6FFBDFB5901F94D444C6AF56F732BEB954BE\
           6BD737513D5E72FE85D1C750E0F73921FE299B945AAD1C802F15C26A43D34961
-#Test: DeterministicSign
+Test: DeterministicSign
 AlgorithmType: Signature
-Name: DSA/SHA-512
+Name: DSA-RFC6979/SHA-512
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-512
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 Message: 73616D706C65
 Signature: 16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C
 Test: Verify
 Message: 74657374
 Signature: 8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A07C670C7AD72B6C050C109E1790008097125433E8
 Test: Verify
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-512
 Source: RFC 6979
 Comment: Section A.2.1. DSA, 1024 Bits, SHA-512
 KeyFormat: Component
 Modulus: 86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447\
         E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88\
         73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C\
         881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779
 SubgroupOrder: 996F967F6C8E388D9E28D01E205FBA957A5698B1
 SubgroupGenerator: 07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D\
                   89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD\
                   87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4\
                   17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD
 PublicElement: 5DF5E01DED31D0297E274E1691C192FE5868FEF9E19A84776454B100CF16F653\
               92195A38B90523E2542EE61871C0440CB87C322FC4B4D2EC5E1E7EC766E1BE8D\
               4CE935437DC11C3C8FD426338933EBFE739CB3465F4D3668C5E473508253B1E6\
               82F65CBDC4FAE93C2EA212390E54905A86E2223170B44EAA7DA5DD9FFCFB7F3B
 PrivateExponent: 411602CB19A6CCC34494D79D98EF1E7ED5AF25F7
 Message: 73616D706C65
 Signature: 16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C
 Test: DeterministicSign
 Message: 74657374
 Signature: 8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A07C670C7AD72B6C050C109E1790008097125433E8
 Test: DeterministicSign
 AlgorithmType: Signature
 Name: DSA-RFC6979/SHA-512
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-512
 KeyFormat: Component
@ -620,7 +621,7 @@ Signature: 89EC4BB1400ECCFF8E7D9AA515CD1DE7803F2DAFF09693EE7FD1353E90A68307\
 Test: Verify
 AlgorithmType: Signature
-Name: DSA/SHA-512
+Name: DSA-RFC6979/SHA-512
 Source: RFC 6979
 Comment: Section A.2.2. DSA, 2048 Bits, SHA-512
 KeyFormat: Component
@ -654,9 +655,9 @@ Test: KeyPairValidAndConsistent
 Message: 73616D706C65
 Signature: 2016ED092DC5FB669B8EFB3D1F31A91EECB199879BE0CF78F02BA062CB4C942E\
           D0C76F84B5F091E141572A639A4FB8C230807EEA7D55C8A154A224400AFF2351
-#Test: DeterministicSign
+Test: DeterministicSign
 Message: 74657374
 Signature: 89EC4BB1400ECCFF8E7D9AA515CD1DE7803F2DAFF09693EE7FD1353E90A68307\
           C9F0BDABCC0D880BB137A994CC7F3980CE91CC10FAF529FC46565B15CEA854E1
-#Test: DeterministicSign
+Test: DeterministicSign
--- a/TestVectors/hc128.txt
+++ b/TestVectors/hc128.txt
@ -0,0 +1,645 @@
 # These test vectors were generated using the eSTREAM reference
 # implementation for HC-128 using the file hc-128.c.
 AlgorithmType: SymmetricCipher
 Name: HC-128
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 1-byte msg
 Key: 2923be84e16cd6ae 529049f1f1bbe9eb
 IV: b3a6db3c870c3e99 245e0d1c06b747de
 Plaintext: b3
 Ciphertext: 1f
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 2-byte msg
 Key: 124dc843bb8ba61f 035a7d0938251f5d
 IV: d4cbfc96f5453b13 0d890a1cdbae3220
 Plaintext: 9a50
 Ciphertext: 3a27
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 3-byte msg
 Key: ee407836fd124932 f69e7d49dcad4f14
 IV: f2444066d06bc430 b7323ba122f62291
 Plaintext: 9de18b
 Ciphertext: cd261d
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 4-byte msg
 Key: 1fdab0ca9902b972 9d492c807ec599d5
 IV: e980b2eac9cc53bf 67d6bf14d67e2ddc
 Plaintext: 8e6683ef
 Ciphertext: 60f109d3
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 5-byte msg
 Key: 574961ff698f61cd d11e9d9c167272e6
 IV: 1df0844f4a7702d7 e8392c53cbc9121e
 Plaintext: 33749e0cf4
 Ciphertext: 7b9108bf48
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 6-byte msg
 Key: d5d49fd4a4597e35 cf3222f4cccfd390
 IV: 2d48d38f75e6d91d 2ae5c0f72b788187
 Plaintext: 440e5f5000d4
 Ciphertext: 8702c8d49067
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 7-byte msg
 Key: 618dbe7b0515073b 33821f187092da64
 IV: 54ceb1853e6915f8 466a0496730ed916
 Plaintext: 2f6768d4f74a4a
 Ciphertext: 21bec3a785c54d
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 8-byte msg
 Key: d0576876fa16bb11 adae248879fe52db
 IV: 2543e53cf445d3d8 28ce0bf5c560593d
 Plaintext: 97278a59762dd0c2
 Ciphertext: ab56d21fc9ba82d2
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 9-byte msg
 Key: c9cd68d4496a7925 08614014b13b6aa5
 IV: 1128c18cd6a90b87 978c2ff1151d9a95
 Plaintext: c1 9be1c07ee9a89aa7
 Ciphertext: 63 bf12a1533269e0ea
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 10-byte msg
 Key: 86c2b554bf9ae7d9 23d155903828d1d9
 IV: 6ca1665e4ee1309c fed9719fe2a5e20c
 Plaintext: 9bb4 4765382a4689a982
 Ciphertext: f67f 9f1b78ad1839c4c6
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 11-byte msg
 Key: 797a7678c263b126 dfda296d3e62e096
 IV: 1234bf39a63f895e f16d0ee36c28a11e
 Plaintext: 201dcb c2033f4107840f14
 Ciphertext: e0136b 3d43448daadfa8c0
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 12-byte msg
 Key: 05651b2861c9c5e7 2c8e463608dcf3a8
 IV: 8dfebef2eb71ffa0 d03b75068c7e8778
 Plaintext: 734dd0be 82bedbc246412b8c
 Ciphertext: cce4b159 5e271971a4656bdc
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 13-byte msg
 Key: fa307f70f0a75486 3295aa5b68130be6
 IV: fcf5cabe7d9f898a 411bfdb84f68f672
 Plaintext: 7b1499cdd3 0df0443ab4a66653
 Ciphertext: baeff9b617 946cbaa662e5403c
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 14-byte msg
 Key: 330bcba1105e4cec 034c73e605b4310e
 IV: aaadcfd5b0ca27ff d89d144df4792759
 Plaintext: 427c9cc1f8cd 8c87202364b8a687
 Ciphertext: d559e24c692d 7ae8507f9ca6c590
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 15-byte msg
 Key: 954cb05a8d4e2d99 e73db160deb180ad
 IV: 0841e96741a5d59f e4189f15420026fe
 Plaintext: 4cd12104932fb3 8f735340438aaf7e
 Ciphertext: 05f0d610ecd79f b76805e8309bc909
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 16-byte msg
 Key: ca6fd5cfd3a195ce 5abe65272af607ad
 IV: a1be65a6b4c9c069 3234092c4d018f17
 Plaintext: 56c6db9dc8a6d80b 888138616b681262
 Ciphertext: 9e450e2055249807 a66a569666c30c8d
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 17-byte msg
 Key: f954d0e771174878 0d92291d86299972
 IV: db741cfa4f37b8b5 b09557f5df806c6d
 Plaintext: 8d 74d98b43651108a5 f679bdf7eb15b8e0
 Ciphertext: 68 209f9b599f668c3e a5b0d25ce23c74c1
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 18-byte msg
 Key: e1608f6e3c7bf45b 628a8a8f275cf7e5
 IV: 874a3b329b614084 c6c3b1a7304a10ee
 Plaintext: 756f 032f9e6aef10509b c8814329288af6e9
 Ciphertext: fd43 8d47ebe7e226673b 19a3ae87f6d025b4
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 19-byte msg
 Key: 9e47a18148316ccd a49ede81a38c9810
 IV: ff9a43cdcf57c750 59bfbd1c2703287f
 Plaintext: 5d895f b949344e603ce5de 029842b20d2bb614
 Ciphertext: efbde1 ecb739af688af049 ee86a2f1fd625b46
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 20-byte msg
 Key: ecbbb82f73e2517e 7d1dd884d31f01be
 IV: 506b16d643218319 1518982b2c2e8bf9
 Plaintext: 0edcbcf0 ca0e3d6d94319274 af8db5a490d55e6a
 Ciphertext: c89eface 1d6774d310836c85 67796d789d4b7b9e
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 21-byte msg
 Key: 40fc8076024b176b 36b121db7d5aea72
 IV: 1e828d71a88cb85e d94eaffabfb09474
 Plaintext: 1d75e5dc10 5846daf25b81a07f 5ccb1d36e9497402
 Ciphertext: dbe8350457 21aaf867a97622d7 48a2c71835313e55
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 22-byte msg
 Key: 55d2ac1a0bf7a926 23405ba333b93588
 IV: 68ade12ad5b2325d 0ae55adce9775deb
 Plaintext: b569c53a6c93 980d57eb879adf04 68b2a2d5e6a4c6bc
 Ciphertext: 36b85abf397f d6915731982cf8e9 3102f4029f4d17b0
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 23-byte msg
 Key: 775f8dc38fd62a21 14a9d4041101188d
 IV: aebb731c60ca20cf 5dd62f455329d7a8
 Plaintext: 59cc0dea26ed55 4e8084d92bf837b8 edd57aa05c4efa9f
 Ciphertext: f257546c1380fb 5ba138ec36766597 1cb5688814092614
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 24-byte msg
 Key: 21fc3c36858e81b0 7dbfeeb1e485e912
 IV: 078bc6ec66e2a3f3 b9f4900632b9f404
 Plaintext: 022d2ce01e0174f8 43900ba237169208 531cb5373e370e72
 Ciphertext: 41e720935d60a608 18330bb264fed7fe 76b47d68828c82b0
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 25-byte msg
 Key: fbf246cc26097ef6 7ad8ed559712ca57
 IV: 02b66c086e3fb0e0 3a1c9bdf3a5f40dd
 Plaintext: ba b9e41bc0a6611d92 e5c8bc782b4a77c3 18590a0e6a0a42c4
 Ciphertext: a0 ce582b4f50fc2530 6164b7a190785e8b 446b495df81babfa
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 26-byte msg
 Key: 71be0fe3c301dbff 30b21a89f8652251
 IV: 3c053d4ab3befd8d 9e19d0a1fe69d4fa
 Plaintext: 0467 edbfc91914d13ff8 f2086851adc0c5ec 029412ec946930f6
 Ciphertext: 51dd 18b8c89eabfd3a9a 5c15ab62947a1004 2c2529ad0e1f5d87
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 27-byte msg
 Key: 83af639541e3bddd a158da4f3138cefd
 IV: cac55cef65e569c4 30deaf9ce25eb636
 Plaintext: 4bbe00 562f87846a54365f 6cda3cc50acb493d 05f3ca0ed7f2b1f4
 Ciphertext: 7ed3b5 3b0ba0f76eca6785 2d67b581ebee0e0f ec7e8c248e1e391f
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 28-byte msg
 Key: 988f7418224f583f 7447ef42542edfbe
 IV: 39b6e60c671c1b74 5cfe779d6b6e9348
 Plaintext: a744b33e 02b80487b63022dd e456dd617b6e3d8c 5ce7c467bc2ff2ff
 Ciphertext: d1fff5db 9438dd40263d0344 d15e55b5d21d767d 2c591d4b8ab9b30a
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 29-byte msg
 Key: c9cc0f1390a92411 1ead4b41e592283f
 IV: 62f5b8aefda9492b 3151ca80ec2e451a
 Plaintext: 3935aabe1c 65ce77bd57b3d3c9 170a4e1632f60f86 1013d22d84b726b6
 Ciphertext: f50c60e896 0d63fc1b7b4df87f eb66194a115f6147 62925c92cd8f766a
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 30-byte msg
 Key: a278d802d1eeaf13 21ba5929dec6a62a
 IV: 65cff4473621ebdd 4ba26a99a812c0e0
 Plaintext: 3491206ec762 4f3d84eea0a8690c 22d0247f183f28c0 a9cb01ffd9bde464
 Ciphertext: 5185f4acb30f 28fdb528bd1d9e62 9fc5e97ffafaec59 9cc64559b2787dd1
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 31-byte msg
 Key: b8338b9ad9c3408e 066137743283200c
 IV: af83fd23a244315c b318da3009e16134
 Plaintext: 7577509aed4a63 fb3d49e154f9022c 4eb60a97c2799f79 7c708c803fe04d47
 Ciphertext: b856d160d7b03a cb557a8b10a56bd3 93c323e9b93cccf8 a0f24b3e6605eaf5
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 32-byte msg
 Key: 0a5f742a9a434b59 305abb2b94dc6cb5
 IV: 5a9d2e9c64879827 a848ee98334848bd
 Plaintext: 6edef1c2a1c30e49 b5c780bc3ec20be2 b9ceb7b111b37664 69a308cd15281ceb
 Ciphertext: c6cc294c71d45ba4 8ae582467d3bea93 0106a4e81452ec93 e77f7536810f6b1a
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 33-byte msg
 Key: e95ab8bfb755da5c 13ea603e599525dc
 IV: f2af6d80d2e58357 45e9a0c4ec670ffa
 Plaintext: 02 3b8fcae4e1f9b9d1 2d2256ee3c03cb8d aa17b1ae050529c6 827f28c0ef6a1242
 Ciphertext: d2 9a5a508af59fd703 b59f4da6f6392210 7de9772ac202569b ecfaf8dbb6bd7efa
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 34-byte msg
 Key: e93f8b314fb18a77 f790ae049fedd612
 IV: 267fecaefc450174 d76d9f9aa7755a30
 Plaintext: cd90 a9a5874bf48eaf70 eea3a62a250a8b6b d8d9b08b08d64e32 d1817777fb544d49
 Ciphertext: 09b0 3af5818faf384564 19eb39c41b2dbf7c 87b376ea77bf104e 304ae8b7f57f1d08
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 35-byte msg
 Key: cd49720e219dbf8b bed33904e1fd40a4
 IV: 1d370a1f65745095 687d47ba1d36d234
 Plaintext: 9e23f6 44392c8ea9c49d40 c13271aff264d0f2 4841d6465f0996ff 84e65fc517c53efc
 Ciphertext: d97bc5 583c737f9078e5a8 6979ebc3654cbe96 23e9642c962ca8ef a3e6fda7f277dd18
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 36-byte msg
 Key: 3363c38492ab08a3 aa3ff03f1c55ad51
 IV: 4fc48596585ed588 1e81568cbbe99f6d
 Plaintext: 25c8eb09 0d191d4a07310158 ec97d50d7c1508aa 480f41c8d014a391 e8b3502f60902b85
 Ciphertext: 47ea5dd4 03590c336d6c2d4b be122bf90c195d03 e463a190e0a6e904 25119659f3a79beb
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 37-byte msg
 Key: e3b7e31d202f2d62 28d35010175de7e8
 IV: f7c4e2a8e1c8cf3a 65ca582c2de20c60
 Plaintext: dc2c62053c 62fac599b0274068 c3abba2d24c1109b c461f1fcd8bf4ad3 e61502c020a2e8a5
 Ciphertext: 5de3881f6e b719f089e7702010 b1ed0f6f4f563184 c285f2ad13a6a518 40258e14a3951ba5
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 38-byte msg
 Key: f2f2ea07d76187b7 70db87b1d7e5e944
 IV: 31e11d73828d739c c6ced4573dacb0a1
 Plaintext: 069d373aef06 cc4b8cffb64c8657 192536d7259372cb 8ecea7bf3c692887 4379c68215f9a11f
 Ciphertext: f199ed956da0 d082cc5763493475 e5f2dbc563db339f 702c4099c54fecff 64653948645ddca5
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 39-byte msg
 Key: f76d3e9fb1c6d91d 8a86fccc73245081
 IV: 83b2b471a3bd8c3b 8b755b29ed0d95b2
 Plaintext: ef65ae44dfe777 4122afaa486eeec3 b53a90126b721c0f d16edced1a253f72 ca9e7b0575a87609
 Ciphertext: eb23c2dc0d4ff5 962a652227be862c 9630396eb03cbe81 45e629c417892f4d 43b9b9ef09eb49fc
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 40-byte msg
 Key: cacbe769d17eb874 719ab0ec350f4e59
 IV: 50d6f8a3de2755e0 6cebf76bbb743d36
 Plaintext: c16c7761f10b4c0b bc8d596858e41b13 c0aa0fa6fc591789 a2be20079dab02a7 2deda7b92f7d702f
 Ciphertext: 73c35063376c3b44 6af3a249ffb42c0b b947a5db9626518c cacb9bffdc1904c5 076342c5bf283b69
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 41-byte msg
 Key: 9ffbd4ae5b574be5 29d26a1efc254f12
 IV: 73ff3f02a3b58e03 1635bf9a133ded88
 Plaintext: 20 ca6ae7c6d2a57694 35513267f2c326e8 969c8355fba9f385 2e072b26b18bbf4a e3603b22bcf26f08
 Ciphertext: be dd969b8adeceab48 0c929588d211188d afed1154b94b4234 a2ea422c392b9506 98979230ef426bb1
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 42-byte msg
 Key: bd0b0ac3273c6b07 6c7fb33ce31a1f80
 IV: bfc795ef42117c22 2e01d1f57dfa778e
 Plaintext: 51e2 cf9b2e8289da6730 badfd6ab2e12d046 fff7584966b29394 d2ca7d85372dd91c a9746e5d296970f6
 Ciphertext: cc15 22261b465379c39c 808fc77a818c35ff 4218ad5fd24770dc 64f1f486a4508b6f d6390765773d1fdf
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 43-byte msg
 Key: bfc63d22c9404acd 92c45cf92601fb60
 IV: 6526235b57ed3e02 bfd84f95f3ba701b
 Plaintext: ea7a7e 48971413a475e0b4 ea64174caeb393d9 437ed666dc3a4e39 f18ed84de5648203 e541951413d1d3ca
 Ciphertext: e8d35d 3a9126ef55077e22 97ce1086b6e99611 1cb891bdf7d4c3e0 c8205a91f0d406b6 485577a6fc4b8a49
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 44-byte msg
 Key: e4c7fd70c6e49807 0754f13af2415f94
 IV: 3ba3c8f19d556632 c16ecb3562ce2305
 Plaintext: aff7ba4d f01fbe136d8345a2 8bfd91c839d99342 8ae5af75a3c7bf5f d8935acc129d56cd 748c8b663eb0da87
 Ciphertext: e3850ee3 02e426ea014b7449 fc3acdda8df56a92 a1f875cdad056158 e0fec7057b01044b 92670fe59756885b
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 45-byte msg
 Key: f1966f3db4d9422a f63ae43355f37878
 IV: be49ff89d661dad7 995489684185b9cf
 Plaintext: 6a337e5c73 4add90277f8dd39d 9bfe695c179ba3c3 ea4d52a99f408140 aae9643ffc488b40 d56a5b66da33bf44
 Ciphertext: 8898d30d20 da4602af61e54edc e71fd08f8847aee0 18d11186dc531d00 77cad53293d2cd1f e081483abb1e889d
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 46-byte msg
 Key: 675a1bfa26b582a1 e1b728ea94371a01
 IV: c7722cb81a5433e1 22f375fb735d5e12
 Plaintext: fe9375e09ed5 8e38ed2040a55cf6 994e835d111cb52a bd1fd87fc52e7393 18ce09b15e56a684 2f50b79182211e05
 Ciphertext: f25a43b550ac 23640ba97bd8b417 fcd1b086bc09b587 8bacb13ee5cf4f0c cc7378da6bc3725a c38a9ac995fabb92
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 47-byte msg
 Key: 68ed86b1fab5f453 8fc29f173347025d
 IV: 55422fbdc0a36648 cdb0e611d6a803ed
 Plaintext: eda67976cec900 56139221c2a78d47 447d3419be821007 acd02123a9248033 35924304b577a101 bbb057038809496b
 Ciphertext: 346697b39b85a8 120b9ee5d5526a6f 88dd026c7a03479a 0eb329bf88a8e976 62d02b9a74bd02b8 ddabe7f77068de85
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 48-byte msg
 Key: cff86d6fbc8ce5b1 35a06b166054f2d5
 IV: 65be8ace75dc851e 0bcdd8f07141c495
 Plaintext: 872fb5d8c0c66a8b 6da556663e4e4612 05d84580bee5bc7f cdd4de8e863843ee f288d3fcd018e6be db47aabc4bfac411
 Ciphertext: a2380d5b6f8c4954 1059ef1a037ecc43 1d8a6ad404cf37dd 9c4e818d6504ab99 39c4fb0cf1aa4fe0 6dcbe5b403fb1c1b
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 49-byte msg
 Key: 9e4a3ac1987a904d 892c3185ced4119e
 IV: 9a6c9184f76aa371 07ef2ebf9041b4fb
 Plaintext: b7 7b323a0c8347b0c7 3d997e51fe75cc07 44b5183aa4e7cd7a 03ab1814095df7d9 d3f49321e82acf10 6fde21189fb6a1bf
 Ciphertext: d1 6209941df3b38ac2 0d5ee6f9ad56b2fe 27b69fc4f23c5c0c f47b94e5a1f51818 9029034452bf9387 5749b0188070f12e
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 50-byte msg
 Key: 76085fa3aefbfabb ede96edf3c082e8b
 IV: ba4a73e09181d3eb 2ac7152a9d1d444c
 Plaintext: 6c52 023970271f5213b0 6afac0fdc75598fa 824f6794e3e1d61d 0390e2f2dd368c5b a804d2b265c8dfc8 b46c7f84ebbfd5cd
 Ciphertext: 5902 a5f41050309e0e51 71d0028ef3fc3cfd 83d34425c61de8fc 64fd5e16d6209d19 fe9820a56d7958b7 7a13f4075bcea4d9
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 51-byte msg
 Key: 697950aa2879dba8 9250547d960340ea
 IV: fa0dbde6f3a4b7f8 f33d5fe5c252d98b
 Plaintext: d06335 0dca3ba1306b74dd 05953defc9a05b17 09f26e0509cf764a 6773950dfc5e17ff 03f0af917d350364 d4026b00be41f6ca
 Ciphertext: 8f2d75 204b5d033310f56e 4e31e3970097fa58 0121beb727c562e2 adff066e28e4279d 358378a805110edf ea58ab545fa94437
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 52-byte msg
 Key: 6489af30c4f21e27 532711d7e7bc9c94
 IV: d5c25e11569906d0 300616dd9285e7bc
 Plaintext: 3fe1eda0 ee013ddef1054ca0 1692fadecb69cf8a 853f840b62c9c5ed 0d1635d7e221b3bd 52a7dc568936d0d1 4f8739c42c0d8a65
 Ciphertext: e7559d26 10fcca7f254deca1 39ae06323de3632d e5b1d28f7ba512b1 9edb023754783029 aee725a2dcc1f6ab 14024b20da4a0de0
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 53-byte msg
 Key: d0ce85fcb1720098 f699e801947286ef
 IV: b78a017963e125d0 5b43622d42d51808
 Plaintext: 00ef128b67 29504617b909249e fcf09ee452b72ec7 2fd107026f7d0353 ea00dddd4931a0cb 183b5f361c9f2748 e67832a2a8035dfc
 Ciphertext: 944818774e 9ad427376a900781 390507e57684ea9c 26013997d6b39c34 b502514b79c71ce2 f76e44fc2aa73978 fa18a2fe6d5a5780
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 54-byte msg
 Key: 485edc0bb3902da8 74ca4a2e85ed2324
 IV: 644b4b1c6ab2f2da 59a713b934efee4b
 Plaintext: 5354b940b6a5 93899affb9bd4a4b fcbb380873914c4b 6d9c7c03a9f19d82 cafc7839056721c3 1d3d842691504155 14d8baf93d5c6970
 Ciphertext: 4394d5f1bf96 348e53b011e12c1a b24f502a7c1c9cfb 625eb57581a26004 00645d04bdda58f8 ccd60c9168e75ea3 f567d36b65b151cb
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 55-byte msg
 Key: 80d678165d128bc4 d757e19728499bf3
 IV: b30e5bc73ab01112 51c212a612476b2c
 Plaintext: 13cf746895e3a8 befea3b3f58aaecd 3c3d42476a1ca563 8a9cc369975b18f7 840ed0997fba2d99 77282a19dc935e5e a6a3226f989ff6df
 Ciphertext: 467cfa39230b3d 5eb7a9b5a707d545 eb56f79b1beb9f52 18176a85d25458cc 5300c4a74250e95b 70b764c7423aff9f 17a42a198de23b5f
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 56-byte msg
 Key: c6de21e7557e98b8 8259210ee535b809
 IV: f73b3239d3ab20f7 39cdf6fcd82b6d2c
 Plaintext: cdfd25b367e58f53 2ddc0afc226c4c9e 4721043b623abd40 fea30615b328d0f3 a7e317f655f6c573 8d80d38bbcc9b100 6ec0e84811a8fee0
 Ciphertext: 70172c2c768e0845 f9674683244326b1 810e93c982863768 ae8ae20c6f70135c de78935c8d3f7ab7 0b475b19f4ad5460 54c17a00d2b15192
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 57-byte msg
 Key: fc0e99e3b0fee8db 5d763fd7a81b01be
 IV: ab2bc3e23db3aed8 74022588695da880
 Plaintext: 3b f4f98e57157d8df6 a0e47fe7bb0ddc8e c6232a2d920dce62 cd0522f1c186c7c4 3f6c3d30d557b07a 4750159a3daf763e 3a3b8a12cd94893f
 Ciphertext: c0 eb5dcfec09484f10 6616a822347a8be9 a042dff58efa407e 5d18d7974518b42d 6fd54e75fe2644e4 0c7971717ed927ef 377ead21bf36e652
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 58-byte msg
 Key: 0bce3e313c5f5e9e d53b18c4a73dedf2
 IV: 55c9c2490bb034c4 6d532b76ce0cb213
 Plaintext: a3c9 06b237faecd1a0ae 489af1f8ec65b198 ae7d8cd7bd2749b3 35e0fc3cf0e77d3e a0fb18201a66860c f53a1c5154db4305 00bd28eeba6fb5a3
 Ciphertext: 1eb0 775770c7dbbe36f3 20a543b5e52c2c5d 11b593d25acbb922 2ba480829759d788 04dbdddb9d532bb2 0158ca161c0a5516 36afc416b527d7b9
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 59-byte msg
 Key: cfd9bfeeecc28175 349549999064719f
 IV: 462d910dce5cf357 e19247bbd2a5986a
 Plaintext: 21e87f e84eac97b5eb0630 2df5d348ad64fab7 f701f1a9d8788351 08aed0dc515495a4 f3bdada748ecd837 a4f2bcf37f7729f5 d696a14dceee18ae
 Ciphertext: 3dbbfb 7da64d579e22b833 b4d65379d5e2391a fbb81f50666d60d5 b5cc7b396d3b0ccf 9a3bfd8e4daf0de4 c882fbf83af44cdb b9ad9ec85c4f302f
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 60-byte msg
 Key: 9bf5f868a0906896 d7e1ce99746092c5
 IV: c52e26595da643b5 713475c7826ad9c7
 Plaintext: 3c502524 9ffceabe5c631655 826fbd4159521964 8e19cf5e918473ff 3c154f02b56760f8 95c1a2824aeb8ec3 ba40e01528059dfb 5cf95558fe2da5de
 Ciphertext: a476b404 32eb8bfc632649be ca2e3f61512d7b63 f7c5dc297c07a1a5 b8c6d11a17a972ed dfe59c4e2a260d2c 0e0f7cdd808f66b0 2e27a956b31e569e
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 61-byte msg
 Key: 441601c8cde1b0cc cc06184b68203ccc
 IV: 63fc83a8faf0bb06 0d6e5d0a80d8134a
 Plaintext: e19677824b 671e888af4d5827f ab2a56c6ca2f6297 ba7a6eea9f70dedf 2dc42c5cbd3a96f8 a0b11418b3608d57 33604a2cd36aabc7 0ce3193bb5153be2
 Ciphertext: 601a232e76 1236c291d6ec8e36 093352b5cb728188 67d417a0201c203e 717ea340c38de0e1 563a7380a82204bd adea1c275aceca3e b920bb2a508a653e
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 62-byte msg
 Key: d3c06dfdb2d16e9c 357158be6a41d6b8
 IV: 61e491db3fbfeb51 8efcf048d7d58953
 Plaintext: 730ff30c9ec4 70ffcd663dc34201 c36addc0111c35b3 8afee7cfdb582e37 31f8b4baa8d1a89c 06e81199a9716227 be344efcb436ddd0 f096c064c3b5e2c3
 Ciphertext: 59c2afded2ee 41fda6e5133e3a6e ca4695dd1355f1b6 f9a7287d6528b01f 40af3ea2c43b864c 277fa7f197807bb9 ec54ff36b9ee3035 8da9957c99551e35
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 63-byte msg
 Key: 99993fc77394f9e0 9720a811850ef23b
 IV: 2ee05d9e6173609d 86e1c0c18ea51a01
 Plaintext: 2a00bb413b9cb8 188a703cd6bae31c c67b34b1b00019e6 a2b2a690f02671fe 7a4cf4d12dea320e cd499e72f12f3806 4f0cf9f339787196 68ddafd7f97161b7
 Ciphertext: 8b96f5e3964d5a 7ede97c65316ff59 0bbc3350f08d3ce6 94b604acc4f802a3 d5bcecd7b96a056f d2f443bcaa41ef0f 4a75237ebdfe785d a9802b7d475094dc
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 64-byte msg
 Key: b5683c2995679e23 853b72f469cb55d8
 IV: 5e4bf6ca42b3c399 7670c23ee259bc6d
 Plaintext: 3ae4a16a809a281e cbc8b66a467881bb 7b9ff5dfd2985717 54d1a86db5c5cc47 922aeb3df76b1828 2458307b911d05d7 2f70bcd9f10f7437 8b6a290b7a9cd76e
 Ciphertext: d113b9739f49c0d4 e4f2ebcdfa50fc8c 120915d3a8d281bf 8db2d84cde0e135d b519ec5731714db2 677569ffa0ea23d1 b1c067662dc1beb5 fecef91cbe94752b
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 65-byte msg
 Key: 44a0e24901c2b568 1a53a9d051a12953
 IV: 01271561a7006321 a2a20cc037c8260a
 Plaintext: d8 b04d37a687480734 22ea118eee35577a 2ac61ffd536dfe21 e01b36f6300142d7 c1f6aeeea2192cfb 2bb8e550eb710d20 e297bafaf0d8f691 8e1c12bebcaf3ec8
 Ciphertext: 00 a66964d05879645d 1f6e05a201bc1fd6 d9dc2ad519cd1705 0474f3786d856fef 2492792d700d7b1f 3a3dff30c5c9878a a2e8040aac1d4677 3a95c22c67cb0968
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 67-byte msg
 Key: a357e2fb7000f5d7 def4a080259b7eb7
 IV: 52dba7c0ec307913 d8ff98547a273385
 Plaintext: 1dda89 7b95abac8e22e785 9598291912bd290a a9f3d561d717a38a e0a825a0092cdeec 08cf54a8b94e6608 1213e07b59a24d2e 94330cd142a0a69f 48825f982e970b11
 Ciphertext: ccdf22 5e093f83a33e2b57 47f5cda6bdea9522 a81c32868ce51b46 cd43ac1104a0a487 c0298bdae5175e15 b4d5e681931e9687 30388defb5f76245 8d324cc1605abc19
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 70-byte msg
 Key: 68236fbe281830df dee72bf6c7ee186a
 IV: f5fe52bc3db1dc74 50fea25c280a02ed
 Plaintext: a6418b0779a6 05e54167b14ff4b5 d21181d26badb46c 4b4d5a2947fba583 c714d2d684fa08b7 8f0a848896cef349 63731fb1a57dce7e f3b9e7090e73d71d 66ea3309e0019ff4
 Ciphertext: 124aa4be95be 83022a7f9661f984 25f83f611f104a44 d97ac6a4d02c0283 05388b60339a665f 786587c16c5240a6 db005090f8d9caec 7a7b93535ed8ad2f c4223ec08cd42773
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 77-byte msg
 Key: 37ee7161d98b54d3 7717c387945390dc
 IV: a141c67f2d8681e9 56130329830405e4
 Plaintext: 55c84b9ada 837b2a04b02f995a 0b490feeae87228f 7a57573fb8ece6e8 0091be4a5a3dc938 a4687104341e6338 be52938677748002 7a46b98f6beba097 5b406e00ec70775b b6c3b05ee9b76e94
 Ciphertext: 7ef1651d1e 8eeb54a8c425df73 a6f28ec68a870c5a 0d8e0ceb914df641 3d941152b4774a6d 594b23ba47ff419a 6727766515085dd5 54479dcea4d9613f 8c2f79d5dca36134 83acf7f8fcb44fc2
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 80-byte msg
 Key: 527053e4b620ef50 f6162d7428defadd
 IV: bcfb5dc60c2bab81 33edfa182341d733
 Plaintext: f2af3c3c758abcc2 1076011bcc28784e aa6d4b30386e90cc 6132c00889646a86 da5728c9d847d399 3ce2f3a8ff067975 b5cdb1711cc77261 f58698031260b3f4 b17001d108de9a9c 2160eb62e801651b
 Ciphertext: f6d60dd789ba58ad 61980248c3fe228a 822ed656059b5021 9c57768160766031 cdf1f40577f08351 e4dc830ddf88b7b0 6269172788b7a947 a24d3496541b03f0 678453dd25a72dfa 68b463705e2c5632
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 83-byte msg
 Key: 2276d2e1beb90696 f26a4fe6bc1c451f
 IV: 03ae9d2dd77b9568 fbd193b0a0a508bc
 Plaintext: 74849b afdbcd84ec7c1e35 2c000c40ce161775 6ebbdc4ab8b88d81 7e6c9f0409cbc214 ada716a2a02f9cfd 0db5ebae63b424a0 f3112785baa10774 7becbcd712301884 04a9fd2a5a10ccef b062205789e2bd68
 Ciphertext: dc3e0d ea41fe9e930ecc42 d4f87f9938412934 b109139dc3a2ce44 ed8f6f2a0338d686 632b44b90bb96a9a c289bd8ba49d38e1 2aa8c98fdaf3c502 b5a03c0cc4e30806 58d656f2a6323f02 1f78bb5fd67294bf
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 88-byte msg
 Key: 61c30c16bd28b6cf a864487eaa6e35db
 IV: 69e8e2c12996533e 8f1503e6aaca136c
 Plaintext: 3418a77314d68ea1 280021f542ac6d5b 7040947e81e370de c4317a221333eaaf 108e2079affa4319 f5f62821ffbb75ac 456e063920998fb9 8adc83e625e035d7 808d3ed1957d1e61 96b026a7e98195f5 71d801990fa2f8f6
 Ciphertext: f3344b1d6e28e2c8 fe3945e92b8c5b56 be73fc0e89007b49 b0c657c7bd5648e3 b2cbe0ce529ae947 99113f4f837fa2d5 c7b3be07e8788041 d2fa769c434ff0f4 5a36995531cbc95a 7f79c507bdbe527f 7e2551f0f9f1b32b
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 94-byte msg
 Key: e8dae9b93c0b097d c823ce45679e9394
 IV: e23208e7145f7ae8 4c4655e4f3bee77f
 Plaintext: 6fa566a74674 35c68716633c66fb 750c266865d53c11 ea05b1e9fa49c839 8d48e1efa5909d39 8bd043535b49629e c27fb8f107345333 4896f62a07b8be8e e53f0562ac5e8784 9304c382be53a5af 05556176f6eaa2ef 1d05e4b083181ee6
 Ciphertext: 2e8d0162f582 d2e003be7ec75cd2 f8784708e5d0e710 55bebbf4d2460fbd bcb35b0d85d11e1b 47b3a853cc51aae2 9dd84e17d0d69bb7 6b45db9af9fb6e78 047fd8ed1fd810cd 259c559a25a06b1a db68976f23f3d012 f4ecbdbb3af48dc2
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 98-byte msg
 Key: cda5a485f74d7ad6 c8d14a95447557c3
 IV: f5e99f3be1716bf0 b9432476533068c4
 Plaintext: 5a87 5d38453745db8533 53e7031bbd86c918 13ddff08cf491adb 2de8503c3d5c4f74 36cb2e8c0d2aa4b2 46bc78df0bd538b6 7be42eae44b09073 74e2f78a8cc41234 d6489c96f94c8b16 cb1c8b086639aa8a 7e5955acf2ae83d5 a06b30627e850d8f
 Ciphertext: 3067 05cbcf7382aa0014 ec33923d24694a5b 1511a5afdccad134 a0c7533298229a53 568e4c57100093a0 82a99b4d2eec36d7 00fe2391cc354bc4 ff29d1cfec587b9f 4cb48b3c2a825bbf 310b9fe3f37bae17 50060b4682149f96 9e42f9120143a289
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 105-byte msg
 Key: b6769b32c8a42789 1024e0f839875dc5
 IV: 435c4a00ca5bc75a 8ce30b3b26a74d0e
 Plaintext: 1e a4e4e02656ad299f 2bade95d38f7f7aa 2ad0968d80124a4c f8ceea2f4735f587 0db929ef086f52d2 88b8612d2320bd96 a986de7e5b7e17b3 57f3b328571144f9 9b6138aa2436adb0 23498732b1a0bf10 c0b4fd2552d26ac9 e9c2bf9a3ea7a37d 352633df11cae241
 Ciphertext: f0 eba22b797cf2cdea f1cea9b6de373607 8ff9bfa9c544061f 3dc7b2d645908c3e b078b0c66a777fe9 63df1a9962660516 781c1b5f378cc941 ff9827d829aff0ca c8921fece7dce996 12f2c3ef61d4fd7e c50ec028e9b84f91 7e192aeb58912774 f715719f0884f070
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 109-byte msg
 Key: a783f34a3ea41f57 a11e0aced8ea9794
 IV: 82360d64bfb819c3 4e431737f3988db4
 Plaintext: 1c7ef857c3 15cc579667b63856 4024417d40073123 2ed72e228fd8fe79 779d79eea0ca3ef8 b91ea6db00b0f615 1378d9f903120d9a abbf5cea40adce23 29781d6610f069a2 391d2db8128072dd 0c9c423faab560eb d7d836ee7d1b0fba 532686ccf7f23e8c 3cd1d475c5af1275
 Ciphertext: c547268321 5370e09ace2e69d6 f3512d7a12d88d8d 16de1e4360ff3201 b8b886ee6f1a182b a9920a8f0a38b5b9 d495121b600833b3 212ba68f48720fb8 3cf75bf50448dc1c 868c7471eb048b77 291a0c2d5c4ca5aa 840eeed108b0162f 72063f94ff3b693f 89a2c3e27529ffb0
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 112-byte msg
 Key: 9766975b7992df5c 2aa4756fac2907a0
 IV: b09e687c59277d6b 43845940c440a70f
 Plaintext: 712b483ee40b3edf bd8fc93de784cfb5 1d4b81c8ac8b3c6e 7a23adac47633968 337b9c7d8033d00b 9add30105488dd3d 7577610273d292ec 7e9ab930c0e2f488 e43dd93dd5735c85 c878f3107c9ef8de c0094e533763478d 58d2c5f5b827a014 8c5948a96931acf8 4f465a64e62ce740
 Ciphertext: d1069b3c7420e0c6 2248219beac74cdf e984605e2904e2a9 0c4f2ad5b204738f 0383c5b4afdfd11a 51d99f2d8e74871d 19d46891931b16e1 0f031185df52cc42 c7eec87dcb6cc43e ee5b7d99e9c49f5e 76fb99888955a7d6 2ee63de8f12dd283 036f4e98359a5388 79abc5c01e5696e6
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 119-byte msg
 Key: e991e37ea823fa0f b21923b79905b733
 IV: b631e6c7d6860a38 31ac351a9c730c52
 Plaintext: ff72d9d308eedb ab21fde143a0ea17 e23edc1f74cbb363 8a2033aaa15464ea a733385dbbeb6fd7 3509b857e6a419dc a1d8907af977fbac 4dfa35ec02be8281 106d2d99c0b96f97 b45193ae270d58af 766c971fdf41258d 89a9fb22c540947a 949597b269dbb6c3 30e1d60e8e447038 6be33737ae93fbad
 Ciphertext: bb906cbd47ab23 921dcd447a0993a7 4b54f78ce5b143c1 3ecedf17f012b68d 4823b6aaf15d1315 da749399ff95b6c6 ff54bbc74590686d 0e00e834b8c85d4c 47179e5793bab2aa f0da289249d419cc 27f4527781e50102 b1ba66aa5fc77da8 fd5b85e90c4eae05 fc9d095db85f6ea6 03a499cb7573dd2b
 Test: Encrypt
 #
 Source: hc-128.c reference implementation
 Comment: HC-128, 128-bit key, 128-bit iv, 133-byte msg
 Key: 6f392a1fd910aacd 7f4f9a32ef5aa1e9
 IV: acc0e01b891079f3 56ee5251be6516c3
 Plaintext: 707f7db17d 13ced701dfa2f806 d6ead1a5bb334d6e ef29f70b885ab41f a23db274fa739c56 b94c103a8d8d52a4 fe71424700ed8b6d c4381e99d48bdf6b 5f269dc5d193482c a72e5e7182e5a790 7a3d22d8b4953f4c 37af4e4afb6c386a 43d76da92d651dc7 887cabede5315f93 f1565ba102b4d0d4 ef957164258628e4 f75a0869367284ee
 Ciphertext: 033c9cd9b5 04efda94627f0344 a27e496419efd42e 40b5aa7c6e1602b3 1d222676a1219183 69e0807d77368e49 b4e802e1b0879f76 ccbba06e7403e005 c0c8557c3efa64eb 8fe093f2b01cfcc8 30e0cbeb60b82d79 b7d29752924b6d6d bd206ba3a23e9b22 8440fa4cb8eea924 e9cb192a33c9e2b8 2fd090aa5504c663 3210751efe8136e1
 Test: Encrypt
 #
 Source: HC-128 verified test vectors
 Comment: HC-128, 128-bit key, 128-bit iv, 512-byte msg
 Key: 0000000000000000 0000000000000000
 IV: 0000000000000000 0000000000000000
 Plaintext: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 Ciphertext: 82001573a003fd3b 7fd72ffb0eaf63aa c62f12deb629dca7 2785a66268ec758b 1edb369005608981 78e0ad009abf1f49 1330dc1c246e3d6c b264f6900271d59c fb1c12c1efcb64c5 603ca15ac896d1ab c1082b17b096c917 6547992eaa0eb646 f9e1b4bd35cff88f 047043aebedfbd31 0bb6ca762040ac51 c28203fb1873e539 7afea3aa16bf4a9c 6471aeaa6fc3e042 7d311503a31fe37f 0245e30addf14e93 e8df7d746043aa71 d45397b001787347 bcbf5f23b6fae5a9 b83203cfaefc46be 76f5e28163a6f72f 4ab72fcd90c69eed ef6d5c73539f14e7 ca0bf6a9f229f12d 1492efcfdad11ee2 6de44f0e843178d2 c989d4f21fe9b53c 03c12874e83a7026 3cdc1d88eda83676 7090fb77dae5ecc0 0f5bf5ca8879733f ac19e8de5c725636 7e39e8c9c4efcdd7 5dfa9660bbbeb584 b5593dff4566eac3 7e857d9b9e21ff06 395253c287ab3de3 48e133d87509e1f1 678beb1dfa278ade 7d766ae5863307de 2bb04f975864ebab 903123d6ba517ddd 4b145efb28f72896 8e0d7437fc750977 48e1937162416e5c 98dac486bafef1cc 017df9ce8db87b17 eadcdcfc5e6812a2 7f2fb2d97ced2c9e 0b729527b9b93817 facc1adb7c205063 2575c0a3bd7955ce 713b389bd7e1651a 450c051b77f83a96 da277a370fcebc43 03a18ab1c5ff5342 b319f0593a67f2be 6de7d256cec89f65 61ff60b8ab8621b6 720206975269023f
 Test: Encrypt
 #
 Source: HC-128 verified test vectors
 Comment: HC-128, 128-bit key, 128-bit iv, 512-byte msg
 Key: 8000000000000000 0000000000000000
 IV: 0000000000000000 0000000000000000
 Plaintext: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
 Ciphertext: 378602b98f32a748 47515654ae0de7ed 8f72bc34776a0651 03e51595521ffe47 f9af0a4cb47999cf a26d33bf80954598 9d53debfe7a9efd8 b9109ca6efaddf83 2fe82100ecd66118 d73686bdf879cfcb f35bba32db097fea 1015ff9767b8ec40 a0f85f68bfe6cf5e 2da802d7c08ee9e9 c47510dc03d8fa2d 019a26eaeab7d658 38bac93ff6ac2b28 8c53142696c984f1 cdb28811c1587671 5524f5dd1c3a66b8 47565521adcc6caf aa6ee49fe8e03f13 276a1e8b6c4bed16 4812323da40b37bd e7f8dcc6a1d42ecf 6a49651f7c610657 b1df6e58fbef6a24 6d6d4caa83858839 86325be2b4185b4d 63d4bf766c5f4b73 0b89c3cd66018155 dfe9d37b6f5c1251 6d21763b2febadb2 12ac71388ff93586 48aa1a0e874d3b69 32d7f80a5657f88d a44bdc16aa21e531 e3e473cfe6fca9ee 20739339ce4f2dac 793210c8cc20897f bc468056d084995b 46d396dec7e1b8e0 f90a03be7b6804e6 7abd01162e7d9a1a b9df064ff3b775de be9212c7a5b86658 97be1dc3d112ca8f 5b17b8e803a57d30 530469fde4882f2c 8abadeb718ef4c48 303cf20e6453d735 8dd52e67c721381d 8bdc1dadf206f10c 7900453dfb59e3ed ab05d8816b74a79e 05a77945dd27a2f9 5bb39df39c64bfa1 3f2aae924d3df4fa 22899838adb60980 6c022c36180a3e46 a547cff7f4de1151 a81aed3646b2d86e 1f0f3c22c92d3459 593ed599d1a535df
 Test: Encrypt
--- a/Show More
+++ b/Show More
		`@ -0,0 +1 @@`
							nCBţpIbź_¤_ĺ\|źâ+"w˙¶¶†Ž˝í#Aýíż‡„nŢmÖéŠČ‡ű%±––kXřťąRňłüw`Ză‘^s.+ÚÚµ<C39A>ř„Š`ŠÝBf]zó•}¦R`}\ŘdiśbfttÉ^ř˛
		`@ -0,0 +1 @@`
							`3081C80201003081A406072A8648CE3D0201308198020101302006072A8648CE3D0101021500FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF302C0414FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC04141C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA450429044A96B5688EF573284664698968C38BB913CBFC8223A628553168947D59DCC912042351377AC5FB3202150100000000000000000001F4C8F927AED3CA752257020101041C301A02010104150023A68821ABB99DBB8429ED2320D61A8EA4C6D81B`
		`@ -0,0 +1 @@`
							`3081D10201003081AD06072A8648CE3D02013081A1020101302506072A8648CE3D0102301A020200A306092A8648CE3D010203033009020103020106020107302E041507B6882CAAEFA84F9554FF8428BD88E246D2782AE204150713612DCDDCB40AAB946BDA29CA91F73AF958AFD9042B040369979697AB43897789566789567F787A7876A65400435EDB42EFAFB2989D51FEFCE3C80988F41FF883021503FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B020102041C301A02010104150003693AB4D83EE8B544548BE7647AEA0EA64E8211`
		`@ -0,0 +1 @@`
							`302E020100300506032B65700422042098C59D3F097FB23D44BA90791281B453258D691A55AF5CE4F1EE712FDF91AE6D`
		`@ -0,0 +1 @@`
							`302E020100300506032B65700422042030BF776A497D7F1E0E26AC4FB03F5BE7E187DDFEFB914CD292A6FEDB7F70CE6B`
		`@ -0,0 +1 @@`
							`3053020101300506032B6570042204206861FD53C7643DABDCDF4C3969CE44A156BAC261242A5AAEC140EDE510071C6CA12303210029CF90E6C1CF1ADC7105720303B2EE303412D2B682C6FEEF3D8736A286B2E27F`
		`@ -1 +1 @@`
			3082018E028181008B333697371663F8869E3EC80A414E46BBAFE41F6D40E754A01ADA60FE7D12ACD16DE311C4115293114F6B92A54195909276380F04BCD4ED5CD993ED7F516DF7A752B928E5035E0D3A1A979A1CDE8387734338793C02001D59B662D4FC8F2BF0EABB1F553F9F46F57E74BCABCBA4E458812DB601FCD04609D435317181236B9702010202818038FBC56751763146BC107ECC59E9BAD3852EBC38799B41B40EF5745810BCF9DCC6D569B7E61063EA358B0DF2A194910029B72A9CFD11AD240681D3F976EDCB18D79C0530AB2944DC1E314C2B520BE23066C802754C19BF2EC15DE0439E2663383CEA5163DC857B6A5F91079F54FB47C9B33F23A9EB6B3FCBA8581524B3EC5C75028181008B333697371663F8869E3EC80A414E46BBAFE41F6D40E754A01ADA60FE7D12ACD16DE311C4115293114F6B92A54195909276380F04BCD4ED5CD993ED7F516DF7A752B928E5035E0D3A1A979A1CDE8387734338793C02001D59B662D4FC8F2BF0EABB1F553F9F46F57E74BC7F3EC6725F2FC0A6155ADCA43CEE7319E623824852				308201360201003082011606062B0E070201013082010A02818100D18892CC35AD9E532C53810019E525CDE08882E6344D6787C366B171D68948F53D74F7923B148E0A0B4C9B956D695384DE24AC3034000B3C4AD4C8226470BBD88B5B053BCCB01E608B1352D6ED16324745253BDB204308E065368CB9D75ACDB290E671BD4CA1608500BFACD758E6E9EFAC8CCBAD83BE7E397A62E4F55634FC3B02818068C449661AD6CF299629C0800CF292E6F04441731A26B3C3E1B358B8EB44A47A9EBA7BC91D8A470505A64DCAB6B4A9C26F1256181A00059E256A641132385DEC45AD829DE6580F304589A96B768B1923A2929DED90218470329B465CEBAD66D9487338DEA650B042805FD66BAC7374F7D64665D6C1DF3F1CBD31727AAB1A7E1D0201030417021504ED7AED68B1A5EFDE11262210D9F1121D4A119CE8
		`@ -0,0 +1 @@`
							`302E020100300506032B656E0422042030D407BB0CC97D0EC493BDB00A4A8EFA06A50D2388F5BA62947030E7D9873F49`
		`@ -0,0 +1 @@`
							`302E020100300506032B656E042204202818E54DE6B88EEF3E99E25042CB98E69373B222E4C1E8B3FB10AC9B26C1007B`
		`@ -0,0 +1 @@`
							`3053020101300506032B656E04220420A00FADD6D29BE764B851F64F7620E80B700DF65914BED31E486362281BB5D061A123032100E9AD4CC54DAA36F312D98B253854F0076E2BC26FCE5802B3AC79A5B59B3D2C4F`